[fpc-pascal] Synapse: SSH client+cryptlib+private key

Ludo Brands ludo.brands at free.fr
Sat Feb 4 15:30:49 CET 2012


> 
> Hello,
> 
> I suspect more or less the same can be used to set up a HTTPS
> connection with a known certificate ?
> 
> Maybe this is something to be added to the WIKI ?
> 
> Michael.
> 

You mean client authentication (the HTTPS server has a list of public keys
of the authorised users)?
When using cryptlib you'll have a similar pk conversion problem. It should
be much easier to set up with OpenSSL, which has support for SSL client
authentication, and looking at the Synapse code, it supports it as well. Use
Sock.SSL.PrivateKeyFile for the private key file (PEM or ASN.1 format; only
the first key is used, while cryptlib uses the additional label to select from
multiple keys) and Sock.SSL.KeyPassWord for the password used to encrypt the
private key.

For SSH the main difficulty is that only Synapse+cryptlib supports SSH, and
Synapse has taken a shortcut in using only private keys from file, which, in
cryptlib, is restricted to PKCS #15 or PGP keyring.

Ludo
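
An added example, not part of the original post or of the Synapse sources: an HTTPS request with client authentication through Synapse's OpenSSL plugin, using the two properties named above. The file names, URL and environment variable are hypothetical; setting CertificateFile for the client certificate and CertCAFile/VerifyCert to check the server's certificate is an addition to what the post describes.

```pascal
program HttpsClientCert;
{$mode objfpc}{$H+}

uses
  SysUtils, Classes,
  httpsend,      // Synapse HTTP client
  ssl_openssl;   // including this unit registers the OpenSSL plugin

const
  // Hypothetical values, replace with your own.
  Url        = 'https://server.example/protected/';
  ClientCert = 'client-cert.pem';  // certificate the server will match
  ClientKey  = 'client-key.pem';   // PEM private key (first key in file)
  CaBundle   = 'server-ca.pem';    // CA that issued the server certificate

var
  Http: THTTPSend;
begin
  Http := THTTPSend.Create;
  try
    // Client side of the TLS handshake: certificate plus its private key.
    Http.Sock.SSL.CertificateFile := ClientCert;
    Http.Sock.SSL.PrivateKeyFile  := ClientKey;
    // Read the key passphrase from the environment rather than
    // hard-coding it in the source (variable name is hypothetical).
    Http.Sock.SSL.KeyPassword := GetEnvironmentVariable('CLIENT_KEY_PASS');

    // Authenticate the server as well: without this the client presents
    // its certificate to whatever endpoint answers the connection.
    Http.Sock.SSL.CertCAFile := CaBundle;
    Http.Sock.SSL.VerifyCert := True;

    if Http.HTTPMethod('GET', Url) then
      WriteLn('HTTP ', Http.ResultCode, ', ', Http.Document.Size, ' bytes')
    else
    begin
      // A rejected client certificate, a wrong key password or a failed
      // server verification all surface here.
      WriteLn('Socket error: ', Http.Sock.LastErrorDesc);
      WriteLn('SSL error:    ', Http.Sock.SSL.LastErrorDesc);
      ExitCode := 1;
    end;
  finally
    Http.Free;
  end;
end.
```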
