[Openswan dev] Re: Implementing direct PKCS#12 support and submitting patches

Michael Richardson mcr at xelerance.com
Mon Apr 10 19:34:31 CEST 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


>>>>> "Ilia" == Ilia Sotnikov <hostcc at gmail.com> writes:
    Ilia> The question is: against what tree should I make the patch?
    Ilia> openswan.git or latest release (2.4.5)? Which one would be
    Ilia> preferrable for OpenS/WAN developers?

  openswan.git, #public
  You will find that all of the ASN.1, etc. code has moved to libopenswan/

  Please make sure that you have a new program in programs/ that can
read the pkcs12 file and do something with this.  This should be useable
as a unit test for your code.

  Please also check out the programs/showhostkey. It isn't finished
yet... it needs to do more things. It would be neat if you could import
a PKCS12 file, and then export a raw RSA key in various formats.

  It is desireable to be able to take a raw rsa key present in
/etc/ipsec.secrets and generate a self-signed certificate X.509 from it.

- -- 
]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

  


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Finger me for keys

iQEVAwUBRDsHpYCLcPvd0N1lAQLXswgAohBWGuG73VUp9fze3qDV0Muk06PnwNZJ
Q9eEzNiZTZfwt/5xNbM6/MXKb0rX1zteImfiwrnVn1AyYSLmLOsG+iJoNhjh5dF/
DDhje2147hnYuISmi+ifGcFUcVlbKEQ6l0U9dpyv7Y/NxY9AUgFBsqzesUR3HsPA
1p9WtdzsAcvA5Eq60oxBv21JDcAUOSp5lSf3s2+jX3vgwp1snz2ewnQTX/jj1iRj
SkXPqonDnH1/gJn+pHhacWaJP2blUDPbe1Z57R74rVjPwFeQQuP2fXxTbKmWoBFi
5VWmXTsrvVFc1glg5+0lykCaarDmZF91Qq96evomIjmfR6W7XvsfmA==
=NORR
-----END PGP SIGNATURE-----


More information about the Dev mailing list