no need to keep this ticket, tracking the PR on github.
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4698
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
On 10/05/2016 09:15 AM, Kaduk, Ben via RT wrote:
> I refactored this stuff a while ago to add a flags field that would
> force the temporary read buffer to be allocated from the secure heap; I
> should really dig it up and clean it up for master.
That's https://github.com/openssl/openssl/pull/1700
One more reference: https://tools.ietf.org/html/rfc4648#section-3.3
describes the considerations for 'non-base64 characters'.
Short form: MIME requires that they be ignored. 7468 says SHOULD.
4648 says 'reject, unless the referencing spec says otherwise' (which
7468 does.)
I wrote previously that
On 10/05/2016 07:56 AM, Richard Levitte via RT wrote:
> To be noted, there's more in section 2:
>
>Most extant parsers ignore blanks at the ends of lines; blanks at the
>beginnings of lines or in the middle of the base64-encoded data are
>far less compatible. These observations are cod
On 05-Oct-16 08:56, Richard Levitte via RT wrote:
> To be noted, there's more in section 2:
>
>Most extant parsers ignore blanks at the ends of lines; blanks at the
>beginnings of lines or in the middle of the base64-encoded data are
>far less compatible. These observations are codifie
To be noted, there's more in section 2:
Most extant parsers ignore blanks at the ends of lines; blanks at the
beginnings of lines or in the middle of the base64-encoded data are
far less compatible. These observations are codified in Figure 1.
The most lax parser implementations are n
On 05-Oct-16 07:52, Salz, Rich via RT wrote:
> Well, it is a SHOULD not a MUST. But point taken it could be (much) better :)
>
>
It's an important SHOULD. Whitespace introduction happens in the wild.
This is the quote from the OpenXPKI folks:
> I just saw this today at a customer install that a
Well, it is a SHOULD not a MUST. But point taken it could be (much) better :)
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4698
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-d
PEM consists of base64 inside a header and trailer line.
OpenSSL crashes with embedded newlines. This was mentioned to me by the
OpenXPKI project.
See RFC 7468 section 2:
Data before the encapsulation boundaries are
permitted, and parsers MUST NOT malfunction when processing such
data.