Batch mode for ENGINE_load_private_key

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Batch mode for ENGINE_load_private_key

Bartek Palak
Hi All,

Does anybody know how to make function ENGINE_load_private_key working in batch (not interactive) mode?

I am using nCipher hardware module and CHIL engine library.
Unfortunately standard "hwcrhk_get_pass" and " hwcrhk_insert_card" functions use "ui methods" for interacting with user
(asking about pass, printing error messages, etc). I am writing batch application, so any interaction with user is impossible.
Another problem is, that in case of any errors (e.g. incorrect password) this function are called in a loop.
There is any possibility to "unset" UI_CTRL_IS_REDOABLE flag?

Any help will be appreciated.

regards
Bartek Palak


Reply | Threaded
Open this post in threaded view
|

Re: Batch mode for ENGINE_load_private_key

Goetz Babin-Ebell
Bartek Palak wrote:
> Hi All,
Hello Bartek,

> Does anybody know how to make function ENGINE_load_private_key working
> in batch (not interactive) mode?

You can implement an own UI_METHOD doesn't ask for the pass phrase.

Bye

Goetz

--
DMCA: The greed of the few outweighs the freedom of the many

smime.p7s (4K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Batch mode for ENGINE_load_private_key

Bartek Palak
Goetz Babin-Ebell wrote:
Bartek Palak wrote:
Hi All,
Hello Bartek,

Does anybody know how to make function ENGINE_load_private_key working in batch (not interactive) mode?

You can implement an own UI_METHOD doesn't ask for the pass phrase.

Bye

Goetz

I have tried to implement UI_METHOD doesn't ask for the pass phrase.
But in case of any errors (e.g. no card inserted, incorrect pass) HWCRHK/CHIL library still
requires interaction with user - it just writes an error string and waits for user reaction.
To emulate user reaction I will need knowledge what error event took place.
Is it possible to get such knowledge just by examining "string type" of UI_STRING argument passed to ui methods?

regards
Bartek


Reply | Threaded
Open this post in threaded view
|

Re: Batch mode for ENGINE_load_private_key

Richard Levitte - VMS Whacker
In message <[hidden email]> on Mon, 11 Jul 2005 10:06:03 +0200, Bartek Palak <[hidden email]> said:

bartek> I have tried to implement UI_METHOD doesn't ask for the pass
bartek> phrase.  But in case of any errors (e.g. no card inserted,
bartek> incorrect pass)

Complaints like no card inserted and the like are sent to the output
stream, aren't they?  That's handled by hwcrhk_log_message().
Otherwise, I'm not entirely sure what exactly isn't working or what is
sending out the output that disturbs you.

bartek> HWCRHK/CHIL library still requires interaction with user - it
bartek> just writes an error string and waits for user reaction.

Well, it will wait for something for sure.  After all, if there's no
card or the pin you entered is incorrect, it can't do mush work, can
it?

bartek> To emulate user reaction I will need knowledge what error
bartek> event took place.  Is it possible to get such knowledge just
bartek> by examining "string type" of UI_STRING argument passed to ui
bartek> methods?


Depends a little on the behavior of the CHIL interface...  I haven't
had a box to play with since 2001, so I can't really tell.

Cheers,
Richard

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

--
Richard Levitte                         [hidden email]
                                        http://richard.levitte.org/

"When I became a man I put away childish things, including
 the fear of childishness and the desire to be very grown up."
                                                -- C.S. Lewis
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]