From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=DKIM_SIGNED,DKIM_VALID autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 21927 invoked from network); 9 Aug 2021 06:32:21 -0000 Received: from 1ess.inri.net (216.126.196.35) by inbox.vuxu.org with ESMTPUTF8; 9 Aug 2021 06:32:21 -0000 Received: from mail-yb1-f172.google.com ([209.85.219.172]) by 1ess; Sun Aug 8 16:23:46 -0400 2021 Received: by mail-yb1-f172.google.com with SMTP id b133so25641033ybg.4 for <9front@9front.org>; Sun, 08 Aug 2021 13:23:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mforney-org.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=KvmpmjpJq4GqI8H/I6NSnaSWjjFl8oRoMpe9l1ocT7E=; b=gRRtcM3CyWf/iGcQlPzd0yshzW6+FDE9MTv16QKazyy44KMehFx5WgmiQp3Sdjx7FM xWia0wKWfgu3BN1xKjtPiHU8Zdb40s9thOsNBgptW4ExrUYsLTz5S2FAuvgLnR+WMnki uRKax55BhgdPQgVF0xvRMsnSDYq0tEiQ4nkxsurR5XFTYCJlCctan3QrmsEorns2I0MF wmEQ3YX2Zl7xz1qjqGy0B5I77A4Vg++/PmrsFQAwGShcOyRXgT87gOarrJTURkgOq+p4 OdPCWM0j/7bD5HW2QcQg6cK0fAp+vr5L6wDgOBhWmYOfHJsV3sS7rCHZWSv46/W+YqIw WLjA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=KvmpmjpJq4GqI8H/I6NSnaSWjjFl8oRoMpe9l1ocT7E=; b=Lm7fosn6MujIK+vHwetFV+HlNol/f8WccnyK0fCne9RHVVfXfBNmeZuB5g8kT4I5T3 BVjNCrDlg26RiVYobZ7W+kz+7RCC3imREsYVuZGfJZaRvGGtjiSVecBhVt8aIhYb8Cr5 CLHCbXmNvisaj2MH07KRjE8vZRKH7JvG6GIBqEvf0XsW1q2G0FK2pxHhQ1NbFI2ffOnn faXrI7pinwc3oMPerruti7hBpB/BPGgOr1JCtlpkHpB0RCXUdzireMfmxFVQXdHi11an JY3c5ht9pH7nG4uBZ/ynZthnXF7MLHtL/mUlAOiYSY2TWONxWeRcOjVu0VrLQRUZ+och OjDw== X-Gm-Message-State: AOAM5321bw0a8S4D1dKlEiBXt963UAlCe7gwCRAsQxbpD5SjmIHao0yw /8dEmfctBlZ8PqHuHd3vtzbzaB0evEOztL1o/p4guOBtuIXFDQ== X-Google-Smtp-Source: ABdhPJzrlDJiGA6M/yUUC0MfDaYIxuflDDbbFJHI/7XL1DJixGK2iUGXiZfQgVJKzqqs5qA5X3vQhZEhhSZywtx93Y0= X-Received: by 2002:a25:a109:: with SMTP id z9mr26010420ybh.279.1628454208409; Sun, 08 Aug 2021 13:23:28 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a81:1d8a:0:0:0:0:0 with HTTP; Sun, 8 Aug 2021 13:23:27 -0700 (PDT) X-Originating-IP: [98.45.152.168] In-Reply-To: References: From: Michael Forney Date: Sun, 8 Aug 2021 13:23:27 -0700 Message-ID: To: 9front@9front.org Content-Type: text/plain; charset="UTF-8" List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: scale-out session-based dependency full-stack controller Subject: Re: [9front] letsencrypt vs rsa2csr Reply-To: 9front@9front.org Precedence: bulk On 2021-08-08, ori@eigenstate.org wrote: > Here's a patch that changes this. I'm not > a native asn.1 speaker, so I'm not entirely > sure that this is correct. I think it is correct, it doesn't really make sense to have a primitive set/sequence. The basic encoding rules (of which DER is a subset) in X.690 say[0]: 8.9.1 The encoding of a sequence value shall be constructed. 8.10.1 The encoding of a sequence-of value shall be constructed. 8.11.1 The encoding of a set value shall be constructed. 8.12.1 The encoding of a set-of value shall be constructed. > //.git/fs/object/3909b83a90ff0c820ef7c903a03fc12b043ebfea/tree/sys/src/libsec/port/x509.c > +++ sys/src/libsec/port/x509.c > @@ -1025,8 +1025,8 @@ > el = e.val.u.setval; > else > err = ASN_EINVAL; > + *pconstr = CONSTR_MASK; > if(el != nil) { > - *pconstr = CONSTR_MASK; > for(; el != nil; el = el->tl) { > err = enc(&p, el->hd, lenonly); > if(err != ASN_OK) You could go a step further and remove the if-statement as well. It is already taken care of by the initial for-loop condition. [0] https://www.itu.int/rec/T-REC-X.690-202102-I/en