Re: get type of PEM data

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



In message <1ce93d56-6fa4-1bae-d440-5ab843900e40@xxxxxxxxxxxxxxxxxxxx> on Wed, 28 Mar 2018 17:10:40 -0700, Jordan Brown <openssl@xxxxxxxxxxxxxxxxxxxx> said:

openssl> Matt: Indeed, looks very promising. Now if only we were on
openssl> 1.1.1 :-(. I'm a little surprised that it doesn't read from a
openssl> BIO.

It's certainly possible to add such an API.  As a matter of fact, we
do have that internally, specifically for PEM files...  have a look in
1.1.1's crypto/include/internal/store_int.h.  That's not the initial
intention with the API, though...

Also, I can't quite shake the feeling that a BIO API would be a bit
shaky.  Internally, the file: scheme loader opens all files in binary
mode, as it's designed to detect if the file is a PEM file or raw DER,
so the question remains, if we would open up a BIO STORE API, what are
th expectations?  Will people open such files in binary mode at all
times?  Should that be a content type agnostic interface (i.e. should
it detect if the file is PEM or raw DER), or should there be separate
functions for PEM and raw DER content?

Please note that for each question, we're getting further and further
away from the idea of having an interface where the caller doesn't
need to know much more than how to indicate where to load stuff from,
to an API that almost becomes a 1:1 mapping of PEM and d2i functions.
When we've come that far, what have we gained?
But I dunno...  I'm ambivalent around these ideas, and considering
those internal functions I mentioned, we do have some kind of base set
up already, so it would probably not be that hard to open up that kind
of functionality to the public.  Perhaps as a side thing, like STORE
UTILS?

-- 
Richard Levitte         levitte@xxxxxxxxxxx
OpenSSL Project         http://www.openssl.org/~levitte/
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux