Jarkko Sakkinen <jarkko@xxxxxxxxxx> wrote: > There's no reason to encode OID_TPMSealedData at run-time, as it never > changes. > > Replace it with the encoded version, which has exactly the same size: > > 67 81 05 0A 01 05 > > Include OBJECT IDENTIFIER (0x06) tag and length as the epilogue so that > the OID can be simply copied to the blob. This seems reasonable. We have a limited set of OIDs we can generate (currently 1). Better to store the BER-encoded form and copy that in rather than trying to turn a pretty-printed OID into the BER encoding unless we absolutely have to. David
