[openssl-users] openssl 1.1 certificate verification fails with non-standard public key algorithm
Viktor Dukhovni
openssl-users at dukhovni.org
Wed Jul 25 22:29:27 UTC 2018
> On Jul 25, 2018, at 4:50 PM, Ken Goldman <kgoldman at us.ibm.com> wrote:
>
> For background, this is the TPM 1.2 endorsement key certificate. I.e., this is a real application with millions of certificates issued. The key is an RSA-2048 key.
>
> The TCG (for a while) specified
>
> Public Key Algorithm: rsaesOaep
>
> rather than the commonly used
>
> Public Key Algorithm: rsaEncryption
>
> because the key is an encryption key rather than a signing key.
> The X509 certificate parser fails to get the public key.
>
> ~~~~~~~~~~~~~~~~~~~~~~~~
>
> An alternative fix (I got a patch for 098 from an openssl maintainer)
> that accepts rsaOaep would also fix the issue.
Or perhaps both. It is not clear that my choice of rejecting
unsupported key algorithms at security level 0 is the right one,
but it would of course be best if the key algorithm were supported
if it has non-negligible "legitimate" use.
Perhaps open an issue (or PR) on github proposing (or implementing)
a change to the check_key_level() logic and see whether there is
support for it?
--
Viktor.
More information about the openssl-users
mailing list