On Wed, 2016-05-11 at 15:22 +0100, David Howells wrote: > Implement PKCS#8 RSA Private Key format [RFC 5208] parser for the > asymmetric key type. For the moment, this will only support unencrypted > DER blobs. PEM and decryption can be added later. I would recommend *not* adding PEM and decryption support. That can live in userspace. You don't want to end up with the whole set of handlers for all the weird formats, from PKCS#12 to OpenSSL's non- standard encrypted PEM files. Trust me, I implemented a whole bunch of that for OpenConnect. You don't want it. Just mandate unencrypted binary PKCS#8 (or PKCS#1). -- David Woodhouse Open Source Technology Centre David.Woodhouse@xxxxxxxxx Intel Corporation
Attachment:
smime.p7s
Description: S/MIME cryptographic signature