Message333224
I also checked how other implementations deal with invalid DER encoding. NSS 3.41, Firefox, and Chromium accept the certifiate.
NSS shows the serial number as "102 (0x66)"
Firefox and Chromium display the serial number as "00:00:00:66".
$ echo "password" > passwd
$ certutil -d . -f passwd -N
$ certutil -d . -f passwd -A -n ca -i ../ca.pem -t C,C,C
$ certutil -d . -L -n ca
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102 (0x66)
Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption
Issuer: "C=RS,L=Beograd,O=MUP Republike Srbije,CN=MUPCA Root"
Validity:
Not Before: Sat Feb 27 16:19:18 2010
Not After : Thu Feb 27 16:19:18 2020
Subject: "C=Re...,L=Beograd,O=MUP Republike Srbije,CN=MUPCA Resursi"
Subject Public Key Info:
Public Key Algorithm: PKCS #1 RSA Encryption
RSA Public Key:
Modulus:
ea:69:46:bc:c7:70:00:d5:f5:32:8d:c7:4e:ad:3a:a5:
d3:29:7e:a2:46:12:a9:dd:57:75:b1:49:95:80:20:ed:
9b:68:6b:e3:c5:55:d8:64:15:68:42:ab:a3:f7:c0:96:
37:08:51:cb:05:ca:b5:99:f6:07:a6:8b:f2:cd:d2:f5:
d6:16:12:da:bf:a8:0b:9c:45:5d:ac:79:1d:a8:67:47:
ee:7f:83:40:f8:58:00:d5:dd:c4:c9:52:1b:d2:f4:ce:
e1:fa:8a:66:d3:18:86:1e:ea:fc:0a:8b:b5:ec:49:cd:
86:bf:8b:7e:b0:61:81:ec:ea:99:4f:64:82:96:93:9d:
ab:80:7d:a7:27:65:00:d4:12:26:98:45:64:7e:76:0b:
98:ff:16:50:49:0c:45:20:82:ce:2e:23:a2:65:3a:b7:
44:cd:51:00:d9:bf:e3:1f:de:23:1d:57:e9:32:c3:55:
f0:24:af:d4:cf:cd:9e:77:1f:19:7e:1c:03:5b:7a:e4:
75:84:3b:d4:1d:e9:23:d6:8c:f2:8f:b2:0d:e3:79:df:
9e:03:1e:0e:15:5b:7b:0c:dd:6e:4d:82:86:5a:63:79:
64:b5:07:79:dd:fd:08:e3:d6:cb:60:01:fd:82:11:59:
2c:8d:22:f8:f9:91:59:b1:cd:12:7b:39:6d:08:82:5d
Exponent: 65537 (0x10001)
Signed Extensions:
Name: Certificate Basic Constraints
Critical: True
Data: Is a CA with no maximum path length.
Name: Certificate Key Usage
Critical: True
Usages: Certificate Signing
CRL Signing
Name: Authority Information Access
Method: PKIX CA issuers access method
Location:
URI: "http://ca.mup.gov.rs/MUPCARoot.crt"
Name: Certificate Subject Key ID
Data:
cb:f9:00:a9:b7:b6:c1:6f:44:43:d0:22:ad:fc:0e:6e:
cc:8f:f6:0f
Name: Certificate Authority Key Identifier
Key ID:
3f:66:b0:0f:66:fb:f0:10:2e:61:a4:6f:ef:2c:95:8a:
14:72:6f:71
Name: CRL Distribution Points
Distribution point:
URI: "http://ca.mup.gov.rs/MUPCARoot.crl"
Signature Algorithm: PKCS #1 SHA-1 With RSA Encryption |
|
Date |
User |
Action |
Args |
2019-01-08 11:45:04 | christian.heimes | set | recipients:
+ christian.heimes, vstinner, pervlad |
2019-01-08 11:45:02 | christian.heimes | set | messageid: <1546947902.31.0.671854035842.issue35665@roundup.psfhosted.org> |
2019-01-08 11:45:02 | christian.heimes | link | issue35665 messages |
2019-01-08 11:45:01 | christian.heimes | create | |
|