I've noticed when calling PEM_read_bio_X509() on a bogus file it has to read *the entire file* before it fails and returns NULL, whereas other functions like d2i_PKCS7_bio and d2i_PKCS12_bio() fail after reading just a small amount.
Can we fix the PEM functions to fail sooner? Why can't they tell after reading the first line that it doesn't start with "-----BEGIN"? Or after each line why can't it tell that it's not valid base64 data? I'm writing a function that detects the cert type automatically by calling various OpenSSL read functions like the ones I've mentioned above, and it can be very slow to return "not a cert" on large non-cert files. Thanks, Phillip
