Unusual certificates
Angus Robertson - Magenta Systems Ltd
angus at magsys.co.uk
Thu Jun 25 13:59:00 UTC 2020
More information, the original certificates supplied by the end user
had unwrapped base64 blocks, lines 2,500 long. I wrapped them for
email.
If I try the asn1parse command on the wrapped certificates, they now
attempt to parse, the OK is fine, the bad one now gives an error
message from asn1parse:
Error in encoding
20236:error:0D07209B:asn1 encoding routines:ASN1_get_object:too
long:crypto\asn1\asn1_lib.c:91:
and error:09091064:PEM routines:PEM_read_bio_ex:bad base64 decode
from PEM_read_bio_X509.
The RFC says 'Parsers MAY handle other line sizes' but it would be good
if OpenSSL gave a 'PEM line too long' error rather than no error. I'll
change my library code to check for line ending in the base64 to give
the user a polite message.
Now the only problem is what is asn1 decoding unhappy with?
Angus
More information about the openssl-users
mailing list