behaviour of function: int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2);

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

behaviour of function: int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2);

Antonio Araujo
hi friends of openssl, i am trying to loading a
private key stores in a hsm after it has been opened
with k of n authentication method (smart cards). my
program have to do something similar openssl ca
command do when using engine CHIL.

openssl ca command load a private key
from the engine with the following extrac of code:

from openssl-0.9.7e/src/apps/ca.c

...
engine setup previously
...
        if (!key)
                {
                free_key = 1;
                if (!app_passwd(bio_err, passargin, NULL, &key,
NULL))
                        {
                        BIO_printf(bio_err,"Error getting password\n");
                        goto err;
                        }
                }
        pkey = load_key(bio_err, keyfile, keyform, 0, key, e,

                "CA private key");
        if (key) OPENSSL_cleanse(key,strlen(key));

...

the function app_passwd(bio_err, passargin, NULL,
&key, NULL) return the password in its key argument,
but i do not actually understand where the password of
hsm is searched from.

app_passwd calls another function:
static char *app_get_pass(BIO *err, char *arg, int
keepbio) that get the password from an enviromental
variable; but how does it do? is the hsm password
charged previously from card set stored in some place?


thanks for your help

antonio araujo


__________________________________________________
Correo Yahoo!
Espacio para todos tus mensajes, antivirus y antispam ¬°gratis!
Reg√≠strate ya - http://correo.espanol.yahoo.com/ 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]