https://bugzilla.mindrot.org/show_bug.cgi?id=3561
--- Comment #4 from Damien Miller <[email protected]> --- The spec might say use 1-byte packing, but I can't find a Unix/Linux implementation that actually does this. OpenSC doesn't: https://github.com/OpenSC/libp11/blob/master/src/pkcs11.h WolfSSL doesn't: https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/wolfcrypt/pkcs11.h Android doesn't: https://android.googlesource.com/platform/hardware/ti/omap4-aah/+/master/security/tf_sdk/include/pkcs11.h and the example header file from OASIS themselves is at best ambiguous: http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/errata01/csprd01/include/pkcs11-v2.40/pkcs11.h No incompatibilities in OpenSSH have been reported so far relating to this, and you haven't described what problems you're experiencing and what platform/OS you're using. > Although many implementations of PKCS11 on non-windows systems also > do this, is that really a good reason to ignore the standard? Yes, is it actually a great reason to ignore the standard. Following it would make us incompatible with the overwhelming majority of software that our users expect us to interoperate with. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
