I was able to export a PKCS #8 encrypted key with either
SEC_OID_DES_EDE3_CBC or
SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC
which OpenSSL reads, I did not try other algorithms at the.
A somewhat sanitized extract of the pertinent function follows:
--
Subrata,
Subrata Mazumdar wrote:
>
>
> Wan-Teh Chang wrote:
>> On Sat, Sep 27, 2008 at 12:17 PM, Nelson B Bolyard
>> <[EMAIL PROTECTED]> wrote:
>>
>>> Subrata Mazumdar wrote, On 2008-09-27 06:33:
>>>
Actually, the problem is even worse - some of the applications use
unencrypted
Subrata Mazumdar wrote:
Bob,
I implemented the importing and exporting of private key from PKCS#8
file using NSS API.
Here is what I found based on my testing :
Using Mozilla NSS API, I can only import/export private key in PKCS#8
format with
"PKCS12 V2 PBE With SHA1 And 3KEY Triple DES-cbc"
Nelson B Bolyard wrote:
> [...]
> What about that problem necessitates the use of PKCS#8?
> On what stone is it chiseled that servers must read private keys from
> PKCS#8 files every time they start up?
It makes sense to limit the number of formats used, and to say the
private key and the cert sh
Nelson B Bolyard wrote:
> [...]. Applications
> that generate private keys and then just leave them lying around in
> unprotected files are having fun with cryptography, but aren't serious
> about security. NSS is serious about security.
Using passwords stored in configuration files is being ser
5 matches
Mail list logo
