[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-users
Subject: Re: [openssl-users] X509 certificate algorithm
From: Ken Goldman <kgoldman () us ! ibm ! com>
Date: 2018-04-25 16:58:49
Message-ID: pbqc06$3g0$1 () blaine ! gmane ! org
[Download RAW message or body]
On 08/16/12 09:33, Dr. Stephen Henson wrote:
> On Thu, Aug 16, 2012, Kenneth Goldman wrote:
>
>> I call these:
>>
>> d2i_X509()
>> X509_print_fp()
>>
>> which calls
>> pkey_set_type()
>> EVP_PKEY_asn1_find()
>> and that call fails.
>>
>> I've traced the following error down to the rsaOAEP algorithm, which has a
>> nid of 919. I've included both the openssl and dumpasn1 dump of the
>> X509 certificate. Am I doing something wrong in openssl, or is there
>> a problem with the certificate? I tried certificates from two
>> vendors, and they both fail at the same point.
>>
>>
>
> Well the problem is that OpenSSL doesn't currently support OAEP certificates.
> I've never come across one so if you could send an example that would be
> useful.
I'm back working with these certificates and find that it still fails
with the latest openssl.
Another user has apparently hit the same issue.
https://github.com/openssl/openssl/pull/1441
Is there any chance of rsaOAEP being supported?
These are TPM 1.2 endorsement key certificates and there are
(unfortunately) 100M's of them shipped.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic