[openssl-dev] [EXTERNAL] Re: PKCS12 safecontents bag type deviation from spec
Sands, Daniel
dnsands at sandia.gov
Tue Jan 16 19:31:11 UTC 2018
On Tue, 2018-01-16 at 14:50 +0000, Salz, Rich via openssl-dev wrote:
> OpenSSL defines it as a SET OF and the spec says it’s a SEQUENCE
> OF. Ouch! Will that cause interop problems if we change it? (I
> don’t remember the DER encoding rules)
>
>
>
Well, a SEQUENCE uses tag 16 while a SET uses tag 17, according to a
quick reference I found. So that could be an interoperability concern.
But maybe this is the first actual use of nested safecontents, since
this difference flew under the radar for so long :)
More information about the openssl-dev
mailing list