Message246555
| Author |
martius |
| Recipients |
asvetlov, brandon-rhodes, christian.heimes, dstufft, giampaolo.rodola, jcea, kristjan.jonsson, martius, pitrou, vstinner |
| Date |
2015年07月10日.10:41:22 |
| SpamBayes Score |
-1.0 |
| Marked as misclassified |
Yes |
| Message-id |
<CAOEXP8hEO-umBKzqod7xB28xMN_Ki+LWzRtgKpydMPjviEJr7w@mail.gmail.com> |
| In-reply-to |
<1436449693.16.0.675414948951.issue16487@psf.upfronthosting.co.za> |
| Content |
I'm not sure I know how to do this correctly: I lack of experience both
with openssl C API and writing python modules in C.
It may be more flexible, but unless the key is protected/crypted somehow,
one would need a string or bytes buffer to hold the key when creating the
private key object: not much secure. Don't you think that it should be
addressed in a separate issue?
2015年07月09日 15:48 GMT+02:00 Christian Heimes <report@bugs.python.org>:
>
> Christian Heimes added the comment:
>
> I'd rather introduce new types and have the function accept either a
> string (for path to fiel) or a X509 object and a PKey object. It's more
> flexible and secure. With a private key type we can properly support crypto
> ENGINEs and wipe memory when the object gets deallocated.
>
> ----------
>
> _______________________________________
> Python tracker <report@bugs.python.org>
> <http://bugs.python.org/issue16487>
> _______________________________________
> |
|