From: "Dr. Stephen Henson" <st...@openssl.org>
On Mon, Jul 09, 2012, MauMau wrote:
>[Questions]
>Q1:
>I want to encrypt the master encryption key with an
>administrator-supplied password. I'm considering storing the
>master encryption keys in SecretBag entries of a PKCS#12 file,
>i.e. use one SecretBag per one master encryption key.
>
>How can I store and retrieve information from/to SecretBags after
>pkcs12_create()/pkcs12_parse()? I couldn't find appropriate
>medium-level API to manipulate SecretBags despite the below
>statement in Changelog. I would be grateful if you could give me
>the pointers to sample programs as well.
>
That isn't possible with the current PKCS#12 API and I'm not aware of a
standard that describes this. An alternative would be to use public key
encryption instead.
Oh, I see. It's good to know that SecretBag is not available with the
current API. I'll think about the alternative.
Regards
MauMau
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
