Re: [MSEide-MSEgui-talk] Is crossplatform in-memory file or file descriptor possible ?

2012-04-23 Thread Ivanko B
Handling keys & certificates.

2012/4/23, Martin Schreiber:
> On Monday 23 April 2012 10:34:20 Ivanko B wrote:
>> I still don't understand. Please be more verbose in future. openssl stores
>> private key files in DER or PEM format where the key usually is protected
>> by a symmetrical encr

Re: [MSEide-MSEgui-talk] Is crossplatform in-memory file or file descriptor possible ?

2012-04-23 Thread Martin Schreiber
On Monday 23 April 2012 10:34:20 Ivanko B wrote:
> I still don't understand. Please be more verbose in future. openssl stores
> private key files in DER or PEM format where the key usually is protected
> by a symmetrical encryption for example des3.
> =
> For instance, we have:
>

Re: [MSEide-MSEgui-talk] Is crossplatform in-memory file or file descriptor possible ?

2012-04-23 Thread Ivanko B
I still don't understand. Please be more verbose in future. openssl stores private key files in DER or PEM format where the key usually is protected by a symmetrical encryption for example des3.
=
For instance, we have:
- private key => DES3 password protected
- certificate => p

Re: [MSEide-MSEgui-talk] Is crossplatform in-memory file or file descriptor possible ?

2012-04-23 Thread Martin Schreiber
On Monday 23 April 2012 08:51:16 Ivanko B wrote:
> Local CA files etc files planned to be more secure ( additional
> encryption layer/pass ).
>
I still don't understand. Please be more verbose in future. openssl stores private key files in DER or PEM format where the key usually is protected by a

Re: [MSEide-MSEgui-talk] Is crossplatform in-memory file or file descriptor possible ?

2012-04-22 Thread Ivanko B
Local CA files etc files planned to be more secure ( additional encryption layer/pass ).

2012/4/23, Martin Schreiber:
> On Sunday 22 April 2012 23:20:16 Ivanko B wrote:
>> AFAIK OpenSSL decrypts encrypted private keys directly into the internal
>> data structures without intermediate file.
>>

Re: [MSEide-MSEgui-talk] Is crossplatform in-memory file or file descriptor possible ?

2012-04-22 Thread Martin Schreiber
On Sunday 22 April 2012 23:20:16 Ivanko B wrote:
> AFAIK OpenSSL decrypts encrypted private keys directly into the internal
> data structures without intermediate file.
> =
> Sure, but not only private keys but some other SSL related files - for
> instance, local CA files, some sensitive dat

Re: [MSEide-MSEgui-talk] Is crossplatform in-memory file or file descriptor possible ?

2012-04-22 Thread Ivanko B
AFAIK OpenSSL decrypts encrypted private keys directly into the internal data structures without intermediate file.
=
Sure, but not only private keys but some other SSL related files - for instance, local CA files, some sensitive data in certificate files etc.

2012/4/22, Martin Schreiber

Re: [MSEide-MSEgui-talk] Is crossplatform in-memory file or file descriptor possible ?

2012-04-22 Thread Martin Schreiber
On Sunday 22 April 2012 13:39:32 Ivanko B wrote:
> Because it'll decrypt them to plain files on file system (best is a
> temporary file ) so that they be used further by SSL services.

AFAIK OpenSSL decrypts encrypted private keys directly into the internal data structures without intermediate file

Re: [MSEide-MSEgui-talk] Is crossplatform in-memory file or file descriptor possible ?

2012-04-22 Thread Ivanko B
Because it'll decrypt them to plain files on file system (best is a temporary file ) so that they be used further by SSL services. The idea is to decrypt not to real file system (where they can be easily stolen by modern malware) but to pseudo (in-memory) files which can't be read & passed to subpr

Re: [MSEide-MSEgui-talk] Is crossplatform in-memory file or file descriptor possible ?

2012-04-21 Thread Martin Schreiber
On Saturday 21 April 2012 21:52:11 Ivanko B wrote:
> It's best to decrypt keys etc sensitive session data to a temporary
> in-memory files.
> Say we have encrypted private keys, certificates etc but need to call
> OpenSSL (Stunnel) etc expecting the key be present by files. So, we'll
> have to decr

Re: [MSEide-MSEgui-talk] Is crossplatform in-memory file or file descriptor possible ?

2012-04-21 Thread Ivanko B
It's best to decrypt keys etc sensitive session data to a temporary in-memory files. Say we have encrypted private keys, certificates etc but need to call OpenSSL (Stunnel) etc expecting the key be present by files. So, we'll have to decrypt the files thus there'll be plain versions of them on file

Re: [MSEide-MSEgui-talk] Is crossplatform in-memory file or file descriptor possible ?

2012-04-21 Thread Martin Schreiber
On Saturday 21 April 2012 19:05:48 Ivanko B wrote:
> me mean operating on decrypted private keys with software expecting
> them to be files (easy to steal ).
>
The encrypted key should be decrypted by OpenSSL which asks for the key-key, I don't know. You probably should ask a security expert. Mar

Re: [MSEide-MSEgui-talk] Is crossplatform in-memory file or file descriptor possible ?

2012-04-21 Thread Ivanko B
me mean operating on decrypted private keys with software expecting them to be files (easy to steal ).

2012/4/21, Martin Schreiber:
> On Saturday 21 April 2012 17:06:18 Ivanko B wrote:
>> so that can be used as a way of passing password to OpenSSL.
>> Mainly needed to provide secure way of pass

Re: [MSEide-MSEgui-talk] Is crossplatform in-memory file or file descriptor possible ?

2012-04-21 Thread Martin Schreiber
On Saturday 21 April 2012 17:06:18 Ivanko B wrote:
> so that can be used as a way of passing password to OpenSSL.
> Mainly needed to provide secure way of passing private key after
> decrypting encrypted file presenting the key.
>
I don't understand, please explain. Maybe you should use asymmetric

[MSEide-MSEgui-talk] Is crossplatform in-memory file or file descriptor possible ?

2012-04-21 Thread Ivanko B
so that can be used as a way of passing password to OpenSSL. Mainly needed to provide secure way of passing private key after decrypting encrypted file presenting the key.