[openssl-users] Certificate format question?

Viktor Dukhovni openssl-users at dukhovni.org
Tue Sep 25 17:35:31 UTC 2018

That particular parser tries to parse an arbitrary single
PEM-encoded object, rather than a first object of a particular
type (as with "pkey", "req", "x509", ...).  The code for that
is more specialized, and does support leading free-form text.

While it could skip to the first boundary, and a well written
pull request would be welcome, it is not critical for asn1parse
to be able to ignore free-form text above the PEM object.

In the meantime:

   $ perl -ne 'print if (/^-----BEGIN/../^-----END/);' foo.pem |
       openssl asn1parse

> On Sep 25, 2018, at 1:15 PM, Hubert Kario <hkario at redhat.com> wrote:
> then it looks like the parser used in asn1parse -inform pem is non-
> compliant...
> https://github.com/openssl/openssl/issues/7317


More information about the openssl-users mailing list