From f0605fd65ee3ee585c942e41fb7f4c0019075e62 Mon Sep 17 00:00:00 2001
From: Seth Schoen <schoen@eff.org>
Date: Tue, 3 Jul 2012 01:56:26 -0700
Subject: [PATCH] hopefully the right RSA encryption operation for computing y
 = E(r)

---
 client-webserver/CSR.py | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/client-webserver/CSR.py b/client-webserver/CSR.py
index 5ee201e00..3d4225a74 100644
--- a/client-webserver/CSR.py
+++ b/client-webserver/CSR.py
@@ -100,6 +100,16 @@ def sign(key, data):
         return out
     return None
 
+def encrypt(key, data):
+    """Encrypt this data with this public key."""
+    with tempfile.NamedTemporaryFile() as tmp:
+        tmp.write(key)
+        tmp.flush()
+        out, err = subprocess.Popen(["openssl", "rsautl", "-pubin", "-inkey", tmp.name, "-encrypt"],shell=False,stdin=subprocess.PIPE,stdout=subprocess.PIPE,stderr=subprocess.PIPE).communicate(data)
+    if out and not err:
+        return out
+    return None
+
 def issue(csr):
     """Issue the certificate requested by this CSR and return it!"""
     # TODO: a real CA should severely restrict the content of the cert, not