Comments (4)
ctz
commented on May 14, 2024
How about working together on a general PEM parsing crate?
I'd definitely be interested in working together on a PKCS8 crate for solving this problem. There's some good ASN1-DER parsing ground work in ring -- would a dependency on that be alright for use with/in Thrussh?
from rustls.
briansmith
commented on May 14, 2024
FWIW, my plan for ring is that all the key deserialization will be PKCS#8. We only implemented the simpler RSA key deserialization as an incremental step.
from rustls.
commented on May 14, 2024
I'd definitely be alright with anything of the kind, even if it means writing it myself.
I just wanted to make sure we do it in a consensual way, à la Rust, to avoid reimplementing the same things everywhere.
Btw, there's a new Thrussh in my pipe, using Tokio.
from rustls.
commented on May 14, 2024
Alright, after looking at this in greater detail, they seem to be different formats.
Definitely, SSH keys should also be stored in PKCS#8 format, but they're not, for historical reasons.
I think Thrussh should support both, and default to PKCS#8.
from rustls.
Related Issues (20)
- mtls doesn't prompt browser for certificate HOT 7
- how to upgrade to v0.22 in this code? HOT 12
- PrivateKeyDer support for pkcs11 / ccid HOT 3
- Client handshake succeeds in TLS 1.3 even though the server has rejected the certificate HOT 7
- Internal buffer size question and related issue HOT 1
- Can someone explain what this library is for? HOT 13
- `get_sni_extension` is no longer public which breaks our application HOT 6
- Support jemalloc for benchmarks
- reduce bifurcation of library internals by using low-level API in high-level API HOT 8
- About empty root hints list in "certificate_authorities" extension HOT 5
- Noticeable performance degradation from 0.21 to 0.22 HOT 2
- How can I explicitly disable TLS 1.3 in the config builder API and/or improve logging? HOT 2
- Please provide ClientConfig/ServerConfig functions that use an enabled CryptoProvider automatically HOT 7
- Compile error when target is wasm HOT 2
- Address difficulty upgrading between versions HOT 9
- Weird BoGo failure related with EarlyData HOT 1
- TLS1.3 performance problem HOT 8
- Request for Information on Dedicated discussion Channel for Rustls like Element.io or Discord Alternatives? HOT 3
- use openssl not get Panic,use rusttls get panic HOT 4
- BadRecordMac, client abort connection after several packets after handshake HOT 9
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rustls.