Looking at test cases https://github.com/openssl/openssl/blob/OpenSSL_1_1_1-stable/test/recipes/04-test_pem.t , openssl indeed is a parser that can handle other line sizes than 64 chars. If we were to strictly follow RFC, shouldn't we error out none 64 line size (except last line which could be equal or less than 64)? Leaving it "undefined behavior" would invite issues.
On Thu, Feb 25, 2021 at 2:57 AM Matthias Buehlmann < matthias.buehlm...@mabulous.com> wrote: > „Parsers MAYhandle other line sizes.These requirements are consistent with > PEM [RFC1421 <https://tools.ietf.org/html/rfc1421>].“ > > > It‘s not a bug, it‘s undefined behaviour. > > On Wed, 24 Feb 2021 at 20:20 Frank Liu <gfrank...@gmail.com> wrote: > >> Hi, >> >> I noticed openssl 1.0.1 and 1.0.2 can't read a certificate PEM file with >> base64 line size of multiples of 1265. Any other line size seems to be >> fine, even though rfc7468 says "exactly 64 characters except for the final >> line". >> >> The same pem file can be read fine with latest openssl 1.1.1j. Does >> anybody know the bug or PR when that was fixed? >> >> Thanks! >> Frank >> >