Re: [RFC PATCH 8/8] KEYS: Implement PKCS#8 RSA Private Key parser [ver 3]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2016-05-11 at 15:22 +0100, David Howells wrote:
> Implement PKCS#8 RSA Private Key format [RFC 5208] parser for the
> asymmetric key type.  For the moment, this will only support unencrypted
> DER blobs.  PEM and decryption can be added later.

I would recommend *not* adding PEM and decryption support. That can
live in userspace. You don't want to end up with the whole set of
handlers for all the weird formats, from PKCS#12 to OpenSSL's non-
standard encrypted PEM files.

Trust me, I implemented a whole bunch of that for OpenConnect. You
don't want it. Just mandate unencrypted binary PKCS#8 (or PKCS#1).

-- 
David Woodhouse                            Open Source Technology Centre
David.Woodhouse@xxxxxxxxx                              Intel Corporation

Attachment: smime.p7s
Description: S/MIME cryptographic signature


[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux