[openssl-users] openssl 1.1 certificate verification fails with non-standard public key algorithm
kgoldman at us.ibm.com
Wed Jul 25 20:50:43 UTC 2018
On 7/25/2018 4:27 PM, Viktor Dukhovni wrote:
> Yes, that's what I'm saying, but also asking the broader list for feedback
> on such a change. Should security level zero succeed even with unsupported
> EE keys (which somehow get used with some other software???).
For background, this is the TPM 1.2 endorsement key certificate. I.e.,
this is a real application with millions of certificates issued. The
key is an RSA-2048 key.
The TCG (for a while) specified
Public Key Algorithm: rsaesOaep
rather than the commonly used
Public Key Algorithm: rsaEncryption
because the key is an encryption key rather than a signing key.
The X509 certificate parser fails to get the public key.
An alternative fix (I got a patch for 098 from an openssl maintainer)
that accepts rsaOaep would also fix the issue.
More information about the openssl-users