I also believe that we shouldn’t be relying on locale, it is a Pandora’s box we don’t want to open. Even claiming that OpenSSL is UTF-8 compliant is probably a stretch (e.g. the isXXX functions aren’t). Saying we accept unsigned eight bit byte inputs and process them unmodified is as far as I’d like to commit to.
Pauli > On 2 Jun 2018, at 9:08 am, Viktor Dukhovni <openssl-us...@dukhovni.org> wrote: > > > >> On Jun 1, 2018, at 6:47 PM, Richard Levitte <levi...@openssl.org> wrote: >> >> Ah, forgot one important detail: it is well understood that *all* >> file based objects will get the same requirements, right? That goes >> for anything protected through PKCS#5 as well (good ol' PEM >> encryption, PKCS#8 objects and whatever else I forget...) > > Canonicalize when importing for use with the store API. Not sure > whether wchar_t though, just octet string in UTF-8 seems saner. > That is the password is an opaque byte string, not a character > string in the platform's encoding of i18n strings. > > -- > Viktor. > > _______________________________________________ > openssl-project mailing list > openssl-project@openssl.org > https://mta.openssl.org/mailman/listinfo/openssl-project _______________________________________________ openssl-project mailing list openssl-project@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-project