Re: Implementing direct PKCS#12 support and submitting patches
mcr at xelerance.com
Mon Apr 10 19:34:31 CEST 2006
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Ilia" == Ilia Sotnikov <hostcc at gmail.com> writes:
Ilia> The question is: against what tree should I make the patch?
Ilia> openswan.git or latest release (2.4.5)? Which one would be
Ilia> preferrable for OpenS/WAN developers?
You will find that all of the ASN.1, etc. code has moved to libopenswan/
Please make sure that you have a new program in programs/ that can
read the pkcs12 file and do something with this. This should be useable
as a unit test for your code.
Please also check out the programs/showhostkey. It isn't finished
yet... it needs to do more things. It would be neat if you could import
a PKCS12 file, and then export a raw RSA key in various formats.
It is desireable to be able to take a raw rsa key present in
/etc/ipsec.secrets and generate a self-signed certificate X.509 from it.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Finger me for keys
-----END PGP SIGNATURE-----
More information about the Dev