PEM file line size
Frank Liu
gfrankliu at gmail.com
Thu Feb 25 23:30:43 UTC 2021
Looking at test cases
https://github.com/openssl/openssl/blob/OpenSSL_1_1_1-stable/test/recipes/04-test_pem.t
, openssl indeed is a parser that can handle other line sizes than 64
chars. If we were to strictly follow RFC, shouldn't we error out none 64
line size (except last line which could be equal or less than 64)? Leaving
it "undefined behavior" would invite issues.
On Thu, Feb 25, 2021 at 2:57 AM Matthias Buehlmann <
Matthias.Buehlmann at mabulous.com> wrote:
> „Parsers MAYhandle other line sizes.These requirements are consistent with PEM [RFC1421 <https://tools.ietf.org/html/rfc1421>].“
>
>
> It‘s not a bug, it‘s undefined behaviour.
>
> On Wed, 24 Feb 2021 at 20:20 Frank Liu <gfrankliu at gmail.com> wrote:
>
>> Hi,
>>
>> I noticed openssl 1.0.1 and 1.0.2 can't read a certificate PEM file with
>> base64 line size of multiples of 1265. Any other line size seems to be
>> fine, even though rfc7468 says "exactly 64 characters except for the final
>> line".
>>
>> The same pem file can be read fine with latest openssl 1.1.1j. Does
>> anybody know the bug or PR when that was fixed?
>>
>> Thanks!
>> Frank
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20210225/f77d40fb/attachment.html>
More information about the openssl-users
mailing list