Denis Kenzior <denk...@gmail.com> wrote: > In theory the PEM file already contains the type of the certificate, at least > at a high level. E.g. private, public, tpm. So if we accept PEM files > directly that could be potentially a faster way of determining the parser to > use and would still work with keyctl update/instantiate, right?
Yes. It shouldn't be much code, either. You still have to check for X.509 DER since the kernel currently supports that. David
