Hello Nils,

Tuesday, August 15, 2006, 11:17:08 PM, you wrote:
>> I do not need any networking in my project, so I'd rather prefer to
>> create a new SSL_CTX object with a call of "SSL_CTX_new( NULL)" and
>> populate it with other methods (if nesessary) later.

NL> what do you want to do with such a ssl context ?
I need just a very basic support for reading and writing the
PEM-encoded keys - I re-invent some proprietary tool for creating what
is called the "Mini Certificates" of proprietary design
(Sipura|Linksys's for embedded devices). Having the SSL context
initialized allows for transparent support of pass-phrase-protected
keys. Untill I initialised SSL_CTX I was not able even to call my own
password callback in a string like that:
"ca_rsa = PEM_read_RSAPrivateKey( fp, NULL, my-passwd-cb, NULL );"

May be my previous perils were of my own fault, but an initialized
context solved all problems:
"ca_rsa = PEM_read_RSAPrivateKey( fp, NULL, NULL, NULL );"
works perfectly no matter if a key-file was protected or not...

So, if at all possible - in the sake of someone doing things for
embedded environment with the tight memory|code-size demands - having
a way to initialize an SSL_CTX with the absolute minimum of resources
required, may be of some interest. IMHO.

May be there are other ways to achieve the same level of code
simplicity and programming conviniences - then ignore my proposal and
give me a hint how to do it.

Thank you again.

--
Best regards,
Tony mailto:rz1a@mail.ru

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org