[openssl-project] Help deciding on PR 6341 (facilitate reading PKCS#12 objects in OSSL_STORE)

Benjamin Kaduk kaduk at mit.edu
Fri Jun 1 18:20:17 UTC 2018


On Fri, Jun 01, 2018 at 12:23:39PM +0000, Salz, Rich wrote:
> >    I think that the gist of the difference of opinion is whether it's OK
>     to use locale dependent functions such as mbstowcs in libcrypto or
>     not.
>   
> 
> Thanks for the summary.
> 
> I am against use locale-dependent functions in libcrypto. 

I think it's pretty clear (at least to me), that such functions do
not belong in the normal path.  I'd be open to considering them as a
fallback attempt to read existing data (as opposed to generating new
encrypted data), but find Andy's argument about nonpredictability
(combined with David Woodhouse's enumeration of the various cases
and the minimal utility of such conversions) to be fairly
compelling.  That is, I am also against the use of functions that
depend on the current process's locale in libcrypto.  (I phrase this
slightly differently, in that functions which take an explicit
locale to use might still be okay, but are not really portable
enough for us to use, AIUI.)

-Ben


More information about the openssl-project mailing list