From: Michael Forney <mforney@mforney.org>
To: 9front@9front.org
Subject: Re: [9front] letsencrypt vs rsa2csr
Date: Sun, 8 Aug 2021 13:23:27 -0700 [thread overview]
Message-ID: <CAGw6cBszWrCEW=wjAULMk11MK9To_1Qv1JFOsqcFYW0f3ENefw@mail.gmail.com> (raw)
In-Reply-To: <ABE4F143AA41FE67CB5ADEF1A69DBA02@eigenstate.org>
On 2021-08-08, ori@eigenstate.org <ori@eigenstate.org> wrote:
> Here's a patch that changes this. I'm not
> a native asn.1 speaker, so I'm not entirely
> sure that this is correct.
I think it is correct, it doesn't really make sense to have a
primitive set/sequence.
The basic encoding rules (of which DER is a subset) in X.690 say[0]:
8.9.1 The encoding of a sequence value shall be constructed.
8.10.1 The encoding of a sequence-of value shall be constructed.
8.11.1 The encoding of a set value shall be constructed.
8.12.1 The encoding of a set-of value shall be constructed.
> //.git/fs/object/3909b83a90ff0c820ef7c903a03fc12b043ebfea/tree/sys/src/libsec/port/x509.c
> +++ sys/src/libsec/port/x509.c
> @@ -1025,8 +1025,8 @@
> el = e.val.u.setval;
> else
> err = ASN_EINVAL;
> + *pconstr = CONSTR_MASK;
> if(el != nil) {
> - *pconstr = CONSTR_MASK;
> for(; el != nil; el = el->tl) {
> err = enc(&p, el->hd, lenonly);
> if(err != ASN_OK)
You could go a step further and remove the if-statement as well. It is
already taken care of by the initial for-loop condition.
[0] https://www.itu.int/rec/T-REC-X.690-202102-I/en
next prev parent reply other threads:[~2021-08-09 6:32 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-08 16:05 ori
2021-08-08 20:23 ` Michael Forney [this message]
2021-08-08 23:54 ` ori
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAGw6cBszWrCEW=wjAULMk11MK9To_1Qv1JFOsqcFYW0f3ENefw@mail.gmail.com' \
--to=mforney@mforney.org \
--cc=9front@9front.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).