[openssl-dev] [openssl.org #3665] Bug report and a patch forOpenSSL 1.0.1l (and 1.0.1k)

Uri Blumenthal via RT rt at openssl.org
Tue Jan 20 03:15:32 UTC 2015


Also, the way I read the current code (crypto/asn1/a_type.c, line 120 - it would (incorrectly) reject a certificate where both algorithms are encoded with absent parameter lists:

 if (!a || !b || a->type != b->type) return -1;

I think we all agree that such a certificate would be valid/legal?
--
Uri Blumenthal
uri at mit.edu<mailto:uri at mit.edu>




More information about the openssl-dev mailing list