Demi Obenour
Demi Obenour
You can actually use a DER-encoded prime256r1 key by just stripping the first 26 bytes, which will always be: ``` unsigned char a_dat[] = { 0x59, 0x30, 0x13, 0x30, 0x07,...
* For P-384, the header is 24 bytes. * For P-521, the header is again 26 bytes. * For ed25519, the header is 12 bytes. * For ed488, the header...
Does doing this correctly require const generics?
@brenzi Some embedded platforms need to avoid all memory allocation, either because of real-time constraints or because they cannot afford the possibility that an allocation may fail.
@burdges what would the best way be to handle platforms that need all memory to be statically allocated? Those are the platforms [BearSSL](https://www.bearssl.org) targets.
@burdges what about avoiding traits altogether? A first step would be a completely non-generic version.
Some users may be using just one of these steps on purpose. #113 is an example ― in the context of libp2p, there is no hostname to validate against, and...
I think that the DER code in *ring* can be split out into its own crate.
It is worth noting that non-web uses of X.509 do not necessarily require subjectAltName.
For those who are running into this error in non-web uses of X.509, check out . It is a low-level library that should be able to parse these certs, but...