Le 05/03/2012 15:14, Stephen Henson via RT a écrit : >> [steve - Fri Mar 02 03:57:59 2012]: >> >>> [[email protected] - Thu Mar 01 15:44:36 2012]: >>> >>> Hi, >>> >>> In at least OpenSSL 0.9.8s and 1.0.1-beta1 there is a bug in the ASN.1 >>> parser that if one has length data such as >>> >>> 84 00 00 00 00 >>> >>> at the end of a block to be parsed, it will give "header too long" error >>> even though the ASN.1 is valid. >> The last time I looked that wasn't a valid encoding. The length must be >> expressed in the minimum number of octets possible, that applies to BER >> as well as DER. >> > Hmm... must have confused it with something else. That *is* legal. >
No, you were (partly) right. This is legal BER, not DER. -- Erwann ABALEA ----- parturiophone: enceinte acoustique ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
