Re: Openssl failed to decrypt certificate without \r\n

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I used OpenSSL 1.0.2h 

OpenSSL> version

OpenSSL 1.0.2h  3 May 2016

 

Thanks

Lily

 

From: openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] On Behalf Of Benjamin Kaduk via openssl-users
Sent: Monday, September 18, 2017 8:24 PM
To: openssl-users@xxxxxxxxxxx; Viktor Dukhovni
Subject: Re: [openssl-users] Openssl failed to decrypt certificate without \r\n

 

On 09/18/2017 12:59 AM, Viktor Dukhovni wrote:

 
On Sep 17, 2017, at 10:23 PM, Zhang, Lily (USD) <Lily.Zhang@xxxxxxxx> wrote:
 
Would you help me to take a look this certificate issue?
In order to send out the file, I added ".txt" in the file name. Please remove it before test it.
 
Leaf_no_rn.cer doesn't have \r\n in the BASE64 string, it can't be parsed by openssl.
Leaf_with_rn.cer is the same as Leaf_no_rn.cer, but it has \r\n in BASE64 string. 
Both the attached two certificates can be parsed by Windows.
 
This is expected, the OpenSSL PEM file reader does not support
input lines with IIRC more than 64 bytes.  PEM files are not
supposed to have longer lines.
 


The current code in master should not have a particular limit on line lengths for *certificates* -- in test/recipes/04-test_pem_data we have files with 1025 characters on a line, and only use a 256-byte buffer when reading.  The PEM format does specify a 64-(base64-)characters-per-line limit when the additional PEM encryption/etc. features are used, but certificates do not use that feature and do not have a line length restriction.  Perhaps Lily should specify what version of OpenSSL is in use.

-Ben

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux