On 08/16/12 09:33, Dr. Stephen Henson wrote:
On Thu, Aug 16, 2012, Kenneth Goldman wrote:
I call these:
d2i_X509()
X509_print_fp()
which calls
pkey_set_type()
EVP_PKEY_asn1_find()
and that call fails.
I've traced the following error down to the rsaOAEP algorithm, which has a
nid of 919. I've included both the openssl and dumpasn1 dump of the
X509 certificate. Am I doing something wrong in openssl, or is there
a problem with the certificate? I tried certificates from two
vendors, and they both fail at the same point.
Well the problem is that OpenSSL doesn't currently support OAEP certificates.
I've never come across one so if you could send an example that would be
useful.
I'm back working with these certificates and find that it still fails
with the latest openssl.
Another user has apparently hit the same issue.
https://github.com/openssl/openssl/pull/1441
Is there any chance of rsaOAEP being supported?
These are TPM 1.2 endorsement key certificates and there are
(unfortunately) 100M's of them shipped.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
