[openssl-project] Help deciding on PR 6341 (facilitate reading PKCS#12 objects in OSSL_STORE)
Kurt Roeckx
kurt at roeckx.be
Fri Jun 1 21:51:22 UTC 2018
On Fri, Jun 01, 2018 at 01:20:17PM -0500, Benjamin Kaduk wrote:
> On Fri, Jun 01, 2018 at 12:23:39PM +0000, Salz, Rich wrote:
> > > I think that the gist of the difference of opinion is whether it's OK
> > to use locale dependent functions such as mbstowcs in libcrypto or
> > not.
> >
> >
> > Thanks for the summary.
> >
> > I am against use locale-dependent functions in libcrypto.
>
> I think it's pretty clear (at least to me), that such functions do
> not belong in the normal path. I'd be open to considering them as a
> fallback attempt to read existing data (as opposed to generating new
> encrypted data), but find Andy's argument about nonpredictability
> (combined with David Woodhouse's enumeration of the various cases
> and the minimal utility of such conversions) to be fairly
> compelling. That is, I am also against the use of functions that
> depend on the current process's locale in libcrypto. (I phrase this
> slightly differently, in that functions which take an explicit
> locale to use might still be okay, but are not really portable
> enough for us to use, AIUI.)
So it's my understanding that the library functionw will always
work in UTF-8 then, that's just fine for me.
That would then just mean that the apps need to do the correct
thing and convert it to UTF-8.
Kurt
More information about the openssl-project
mailing list