[openssl-users] STORE (was: get type of PEM data)

Richard Levitte levitte at openssl.org
Fri Mar 30 18:17:14 UTC 2018

In message <d8941512-76a1-5871-afa0-68b513c834c2 at jordan.maileater.net> on Fri, 30 Mar 2018 10:29:52 -0700, Jordan Brown <openssl at jordan.maileater.net> said:

openssl> [re STORE design]
openssl> To be clear: it doesn't bother me one way or the other. It
openssl> just seemed like the general design for "reading data from a
openssl> stream" for OpenSSL is to read from a BIO, rather than
openssl> directly providing "read from file", "read from memory
openssl> buffer", et cetera. I was surprised to see a new feature that
openssl> didn't follow that pattern. I *do* need "read from memory"
openssl> for my application, but writing a temporary file would not be
openssl> a problem.

Well, thing is that the source of data might not be something that
lends itself well to a BIO interface...  For example, certificates and
keys hidden by an HSM of some sort.  So the STORE is an abstraction of
any sort of storage for that kind of protected data, and to directly
translate it to usable objects, something that would be quite
difficult with the BIO API.


