i2d_X509_REQ() -> d2i_X509_REQ() = asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding:a_object.c:287

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Fri Mar 22 18:12:44 UTC 2019

Hmm... Registering an OID dedicated to express this case should be feasible, and perfectly within the ASN.1 rules. One question - where in the OID tree would it live, as offhand I don't have any idea. It can't be too deep down, and also, it better be fairly short.  

>From the ASN.1 point of view - there's nothing dumb in this idea. There's plenty of MIB objects expressing/representing all kinds of things - might as well add this.

On 3/22/19, 12:34, "openssl-users on behalf of Michael Wojcik" <openssl-users-bounces at openssl.org on behalf of Michael.Wojcik at microfocus.com> wrote:

    > From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of
    > Viktor Dukhovni
    > Sent: Thursday, March 21, 2019 14:07
    > To: openssl-users at openssl.org
    > > On Mar 21, 2019, at 1:57 PM, Viktor Dukhovni <openssl-users at dukhovni.org>
    > wrote:
    > >
    > >    2.  Emit a "harmless" default OID (such as 0.0), returning to
    > >     the behaviour prior to 1.0.1i
    What about registering a new OID for "missing required object"? Then at least there'd be a standard way to represent this case, and other parsers could decide to accommodate it however they prefer.
    I'm by no means an ASN.1 expert, so this may be a dumb idea.
    Michael Wojcik
    Distinguished Engineer, Micro Focus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5249 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190322/6a6cdd2a/attachment.bin>

More information about the openssl-users mailing list