[Help-gnutls] About Future Plans: Private keys encrypted.
Nikos Mavrogiannopoulos
nmav at gnutls.org
Fri Nov 18 16:34:54 CET 2005
On Thursday 17 November 2005 01:22, Fran wrote:
> On Mér, 2005-11-16 at 12:33 +0100, Nikos Mavrogiannopoulos wrote:
> > Which manpages were problematic?
>
> It is strange for me (for me):
> > unsigned int flags
> > 0 if encrypted or GNUTLS_PKCS_PLAIN if not encrypted.
> > Currently only RSA keys can be imported,
> > and flags can only be used to indicate an unencrypted key.
It is indeed strange. The problem is that if the key is DER encoded that
encryption status cannot be auto-detected[0]. In the PEM case it is different
since there is a header we can check. That's the purpose of this flag.
I've added some clarification on the documentation...
[0]. We could try to decode it as encrypted and if that fails try the
unencrypted decoding, but this is too high level. If needed it should
be done on a higher layer.
--
Nikos Mavrogiannopoulos
More information about the Gnutls-help
mailing list