[openssl-dev] OpenSSL and certain PEM formats
Sean Leonard
dev+openssl at seantek.com
Wed Dec 17 10:37:08 UTC 2014
Hi OpenSSL devs:
I am putting the finishing touches on an Internet-Draft for textual
encodings of security structures
<http://tools.ietf.org/html/draft-josefsson-pkix-textual-09>, which
OpenSSL refers to as the "PEM format".
While reviewing OpenSSL's behavior, I noticed a few esoteric labels (see
pem.h):
#define PEM_STRING_X509_PAIR "CERTIFICATE PAIR"
(note, this is supposed to encapsulate a CertificatePair structure
from X.509)
#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
#define PEM_STRING_PARAMETERS "PARAMETERS"
(note, this label does not have any algorithms in it, so I presume it
refers to some kind of generic parameter structure)
Do these labels have practical use? I have not seen them in the wild.
Why are they in OpenSSL? Are they ever used for interchange with other
implementations, or are they specific to OpenSSL's own purposes?
Thanks,
Sean
More information about the openssl-dev
mailing list