[openssl-dev] [RFC 0/2] Proposal for seamless handling of TPM based RSA keys in openssl

[Richard Levitte]

In message <2360f57bb7504a328e5517ac92e19427 at usma1ex-dag1mb1.msg.corp.akamai.com> on Wed, 23 Nov 2016 13:51:03 +0000, "Salz, Rich" <rsalz at akamai.com> said:

rsalz> 
rsalz> > Why is it different if we do exactly that in libcrypto?
rsalz> 
rsalz> Because *we* are not guessing.  We are telling the application
rsalz> "we think it's a FOO" and then letting the application decide
rsalz> what to do.

We don't have the functionality to do it that way, at all.  All we
have are the d2i functions, which will either return with an error
indication or return the fully parsed and decoded structure.

Essentially, you're suggesting that we split out the matching part of
the d2i functions and put that to good use.  Or do you have some other
idea, along the lines if magic?

rsalz> Security libraries *should not guess.*

Isn't telling the application "we think it's a FOO" guessing?  What's
the application going to do, go "naaaah, methinks it's a BAR" and try
to decode the blob as that (and most probably fail) rather than FOO?

Cheers,
Richard

-- 
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/