Viktor Dukhovni <ietf-d...@dukhovni.org> writes: >I've not yet seen raw public key support in any mainstream TLS libraries, >though admittedly my focus is primarily on OpenSSL. Do any of NSS, GnuTLS, >BoringSSL, LibreSSL, ... support raw public keys?
I've never seen it either. My code does actually support them, but not in the way you think, for devices that don't have the ability to deal with certs there's the memcpy()-into-send() certificate implementation I've mentioned before, you memcpy() a pre-encoded cert chain onto the network, and for receiving memcpy() the data in and pick out the SPKI. So in effect it's raw public keys, but to anyone watching it looks like it's certificates. There are other embedded implementations that do this too, it's a pretty obvious optimisation (in other words I'm not trying to claim credit for inventing it). >We'd need to invent some sort of special X.509 object that holds only a >public key, but behaves in some sensible way when used with functions that >expect X.509 certificates. That's exactly what my code does, but with certificates (CONFIG_USE_PSEUDOCERTIFICATES). So there's no need for raw public keys, you just treat certs as raw keys and everything works the way it already does with certificates. Is there any known actual use of raw public keys for TLS? Peter. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
