Re: rsaOAEP OID in X509 certificate

On 8/9/2018 10:51 AM, Stephane van Hardeveld wrote:

I will discuss this, but as far as I understand, these OIDs are allowed by
the X.509 standard:
4.1.2.7.  Subject Public Key Info

 [snip]

And in RFC 4055, 4.1

  OpenSSL is capable of parsing it, only retrieving it gives an error on
unknown algorithm (which is correct, since only rsaEncryption OID is
recognized). Java I did not try yet, but the online ASN.1 parsers were also
capable of decoding it, see enclosed png.

I understand that the X509 standard permits it.

However, I'm looking at the practical side - crypto libraries.

If openssl, Java, etc. can't use the results, and a typical CA can't create the certificate, then you require custom code.

The drawback is that custom code, especially DER parsing code, is a security risk. It's hard to get correct when facing an attacker sending malformed certificates.

You have to decide whether the benefit to this "meets the X509 standard but isn't supported" OID is worth the potential for an exploitable bug.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
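
The point above about hand-written DER parsing, as an added example (not code from this thread or from OpenSSL): a minimal strict reader that extracts only the algorithm OID from a SubjectPublicKeyInfo and rejects truncated, non-minimal or over-long encodings instead of guessing. The function names and the sample bytes are constructed for illustration; the two OIDs are rsaEncryption and id-RSAES-OAEP.

```python
# Added example: strict DER read of the algorithm OID in a SubjectPublicKeyInfo.
NAMES = {"1.2.840.113549.1.1.1": "rsaEncryption",
         "1.2.840.113549.1.1.7": "id-RSAES-OAEP"}   # the OID discussed in RFC 4055

class DERError(ValueError):
    """Raised for any input that is not strictly valid DER."""

def read_tlv(buf, pos, end, tag):
    # Returns (start, stop) of the value; every offset is checked against `end`,
    # the end of the enclosing container, never just the end of the buffer.
    if pos + 2 > end or buf[pos] != tag:
        raise DERError("truncated header or unexpected tag")
    first, pos = buf[pos + 1], pos + 2
    if first < 0x80:                       # short-form length
        length = first
    else:                                  # long-form length
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > end:
            raise DERError("indefinite, oversized or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        if buf[pos] == 0 or length < 0x80:
            raise DERError("non-minimal length encoding")
        pos += n
    if pos + length > end:
        raise DERError("value runs past its container")
    return pos, pos + length

def decode_oid(body):
    if not body or body[-1] & 0x80:
        raise DERError("empty or truncated OID")
    arcs, value = [], 0
    for b in body:
        if value == 0 and b == 0x80:       # leading 0x80 pads an arc
            raise DERError("non-minimal OID arc")
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def spki_algorithm(spki):
    start, stop = read_tlv(spki, 0, len(spki), 0x30)      # SubjectPublicKeyInfo
    if stop != len(spki):
        raise DERError("trailing bytes after SubjectPublicKeyInfo")
    a_start, a_stop = read_tlv(spki, start, stop, 0x30)   # AlgorithmIdentifier
    o_start, o_stop = read_tlv(spki, a_start, a_stop, 0x06)
    oid = decode_oid(spki[o_start:o_stop])
    return oid, NAMES.get(oid, "unknown")

# Constructed sample: id-RSAES-OAEP, empty parameters, placeholder (empty) key bits.
SAMPLE = bytes.fromhex("3012300d06092a864886f70d0101073000030100")
```

Even this narrow reader needs a bounds or canonical-form check at every step, which is the cost the reply weighs against using an OID that stock libraries and CAs do not handle.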


