[openssl-users] output from: dh, dhparam, pkeyparam
bkaduk at akamai.com
Wed Aug 10 16:45:25 UTC 2016
On 08/10/2016 11:00 AM, Jakob Bohm wrote:
> On 08/08/2016 16:51, Benjamin Kaduk wrote:
>> What Rich said, and also note that it's perfectly valid usage of the
>> PEM routines to read one type from a BIO and then go on to read
>> another (potentially different) type from the same BIO, as would
>> happen if they were in the same file concatenated after each other.
>> So, attempting to peek and see if there was other stuff after the
>> read PEM object would be a strange special case.
> Maybe there should be a general
> routine called from the functions that take a file name as
> argument, open it as a BIO, loads some PEM data and closes
> the BIO, thus giving the caller no opportunity to use (or
> check for) any extra PEM blocks (or DER blocks for DER
That level of foot-shooting-protection seems overkill to me, though my
opinion doesn't really matter since I'm not on the dev team.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users