GNU extensions to read_s2k for GnuTLS 2.4.x

Simon Josefsson simon at josefsson.org
Fri Aug 22 14:45:35 CEST 2008


Daniel Kahn Gillmor <dkg-debian.org at fifthhorseman.net> writes:

> For anyone interested in testing, below is a public key with the
> primary key stripped (using GNU-Dummy S2K), and an
> authentication-capable subkey with unencrypted secret material.
>
> I think this would be a reasonable method to provide private keys to a
> typical TLS-capable service (such as HTTPS or SMTP).
>
> -----BEGIN PGP PRIVATE KEY BLOCK-----
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> lQCVBEO3YdABBACRqqEnucag4+vyZny2M67Pai5+5suIRRvY+Ly8Ms5MvgCi3EVV
...

Daniel, it would be excellent if you could implement a small self-test
of the functionality using that dummy private key, to be placed in
tests/.  It should use the public gnutls interfaces, not the direct
opencdk interfaces.  For inspiration, look at for example
tests/certificate_set_x509_crl.c.

Thanks,
/Simon





More information about the Gnutls-devel mailing list