[openssl-dev] STORE (was: [RFC 0/2] Proposal for seamless handling of TPM based RSA keys in openssl)

Richard Levitte levitte at openssl.org
Wed Nov 23 13:34:21 UTC 2016


Change of subject, this part of the thread isn't so much TPM any more...

In message <1479823032.8937.37.camel at infradead.org> on Tue, 22 Nov 2016 13:57:12 +0000, David Woodhouse <dwmw2 at infradead.org> said:

dwmw2> On Tue, 2016-11-22 at 14:18 +0100, Richard Levitte wrote:
dwmw2> > 
dwmw2> > Just let me shamelessly mention my STORE effort again ;-)
dwmw2> > Among others, it does attempt to solve that very problem (in the
dwmw2> > 'file' scheme handler).
dwmw2> 
dwmw2> Neat. Note that I have a ready-made test suite for you in OpenConnect:
dwmw2> http://git.infradead.org/users/dwmw2/openconnect.git/blob/HEAD:/tests/Makefile.am
dwmw2> 
dwmw2> For every one of the key files therein, does your current
dwmw2> implementation work? :)

Nope, not even for all the PEM files...  I'm seeing a number of them
(I noticed the PKCS#8 ones in particular) that don't return any data
at all.

I haven't looked that deeply into PEM_X509_INFO_read_bio before, and it
seems to only cover a subset of all the types we recognise.
Considering it's undocumented, I'm wondering if that's the right
function to pursue.  The other option is to create a function in the
'file' scheme loader that does the same thing but with a table of
handlers.  I'm quite fine with that idea...

Cheers,
Richard

-- 
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/
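
A sketch of the "table of handlers" idea mentioned in the message above, as an added example that is not code from the STORE work or from OpenSSL. The type and function names (obj_kind, handlers, classify, scan_pem) are hypothetical; the labels are standard PEM labels, and the sample input is constructed. It only dispatches on the label and reports blocks that no handler claims, it does not decode them.

```c
#include <stdio.h>
#include <string.h>

/* Object kinds a handler can report (illustrative names, not OpenSSL's). */
enum obj_kind { OBJ_UNKNOWN, OBJ_CERT, OBJ_CRL, OBJ_PKEY, OBJ_ENC_PKEY, OBJ_NKINDS };

/* Handler table: one row per PEM label; supporting a new type is a new row. */
static const struct { const char *label; enum obj_kind kind; } handlers[] = {
    { "CERTIFICATE",           OBJ_CERT },
    { "X509 CRL",              OBJ_CRL },
    { "RSA PRIVATE KEY",       OBJ_PKEY },
    { "PRIVATE KEY",           OBJ_PKEY },     /* PKCS#8, unencrypted */
    { "ENCRYPTED PRIVATE KEY", OBJ_ENC_PKEY }, /* PKCS#8, encrypted */
};

/* Constructed sample: bodies are placeholders, only the labels matter here. */
static const char sample_pem[] =
    "-----BEGIN CERTIFICATE-----\nAAAA\n-----END CERTIFICATE-----\n"
    "-----BEGIN PRIVATE KEY-----\nAAAA\n-----END PRIVATE KEY-----\n"
    "-----BEGIN ENCRYPTED PRIVATE KEY-----\nAAAA\n-----END ENCRYPTED PRIVATE KEY-----\n"
    "-----BEGIN DSA PARAMETERS-----\nAAAA\n-----END DSA PARAMETERS-----\n";

static enum obj_kind classify(const char *label, size_t len) {
    for (size_t i = 0; i < sizeof(handlers) / sizeof(handlers[0]); i++)
        if (strlen(handlers[i].label) == len && memcmp(handlers[i].label, label, len) == 0)
            return handlers[i].kind;
    return OBJ_UNKNOWN; /* no handler claimed it: count it, don't drop it */
}

/* Tally PEM blocks per kind; returns the number of BEGIN headers seen. */
static int scan_pem(const char *text, int counts[OBJ_NKINDS]) {
    static const char begin[] = "-----BEGIN ";
    int total = 0;
    memset(counts, 0, OBJ_NKINDS * sizeof(counts[0]));
    for (const char *p = text; (p = strstr(p, begin)) != NULL; total++) {
        const char *label = p + sizeof(begin) - 1;
        size_t line = strcspn(label, "\r\n"); /* header must end in "-----" on this line */
        int ok = line >= 5 && memcmp(label + line - 5, "-----", 5) == 0;
        counts[ok ? classify(label, line - 5) : OBJ_UNKNOWN]++;
        p = label + line;
    }
    return total;
}

int main(void) {
    int counts[OBJ_NKINDS], total = scan_pem(sample_pem, counts);
    printf("%d blocks, %d unhandled\n", total, counts[OBJ_UNKNOWN]);
    return 0;
}
```

Counting unclaimed blocks separately makes a missing handler visible to the caller instead of looking like an empty file.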

