Message246555
I'm not sure I know how to do this correctly: I lack of experience both
with openssl C API and writing python modules in C.
It may be more flexible, but unless the key is protected/crypted somehow,
one would need a string or bytes buffer to hold the key when creating the
private key object: not much secure. Don't you think that it should be
addressed in a separate issue?
2015-07-09 15:48 GMT+02:00 Christian Heimes <report@bugs.python.org>:
>
> Christian Heimes added the comment:
>
> I'd rather introduce new types and have the function accept either a
> string (for path to fiel) or a X509 object and a PKey object. It's more
> flexible and secure. With a private key type we can properly support crypto
> ENGINEs and wipe memory when the object gets deallocated.
>
> ----------
>
> _______________________________________
> Python tracker <report@bugs.python.org>
> <http://bugs.python.org/issue16487>
> _______________________________________
> |
|
Date |
User |
Action |
Args |
2015-07-10 10:41:22 | martius | set | recipients:
+ martius, jcea, pitrou, kristjan.jonsson, vstinner, giampaolo.rodola, christian.heimes, asvetlov, brandon-rhodes, dstufft |
2015-07-10 10:41:22 | martius | link | issue16487 messages |
2015-07-10 10:41:22 | martius | create | |
|