[openssl-dev] [RFC 0/2] Proposal for seamless handling of TPM based RSA keys in openssl
David Woodhouse
dwmw2 at infradead.org
Wed Nov 23 09:47:17 UTC 2016
On Wed, 2016-11-23 at 09:39 +0100, Tomas Mraz wrote:
>
> I also would not be too much worried - the API call should not be
> completely universal - the application should know whether it is
> loading a certificate or private key. It should just be able to use a
> single call to load a certificate in PEM, DER, or whatever other
> possible data format. The same for private keys, etc.
Well, except in the case where the application asks to use a PKCS#12
file as the identity. In which case you want to load cert, key, and
supporting cert chain all from the same place.
And you often have a PEM file which contains both the certificate and
the private key.
But yes, generally you *know* what you're looking for.
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5760 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20161123/692cff65/attachment.bin>
More information about the openssl-dev
mailing list