[Ipsec-tools-devel] [patch] Expand plainrsa-gen with conversion capability.

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

It is a pain that racoon only supports the format "plainrsa".
As of recently the Debian packaging will include a contributed
converter to and from PEM format, which eases the cooperation
with OpenBSD systems and isakmpd/ipsecctl.

I would like to suggest that also

  src/racoon/plainrsa-gen.c

be expanded with such capability for conversions. Included in
this message is code that allows plainrsa-gen(8) to take public
or private PEM-formatted RSA keys as input, and from those
produce the same key in "plainrsa" format, instead of generating
a new, random key.

The same patch also mends some incomplete handling of the output
file stream, in order to enhance security somewhat.

The parser of "plainrsa", as present in "src/racoon" is clearly
not conceived for general use, so I gave up on the task of
implementing the conversion code PLAINRSA-to-PEM. A project
member should undertake this task, which ought to be manageable
with the right knowledge. I can use my time in better ways.

Best regards,
  Mats Erik Andersson, DM