On 2016-09-25 23:19, Adam Langley wrote:
On Sun, Sep 25, 2016 at 2:06 PM, Henrick Hellström <[email protected]> wrote:
Have you noticed that BoringSSL seems to abort handshakes with an
illegal_parameter alert, if the server certificate uses the standard
compliant (albeit highly unusual) DER encoding of NULL OPTIONAL as the empty
string, instead of the non-standard but ubiquitous 0x05 0x00 encoding?
In what location do you have an omitted NULL? (I suspect that
BoringSSL's behaviour is deliberate, but I can't say for sure without
knowing which case it is.)
I am referring to the OPTIONAL parameter of AlgorithmIdentifier, which
is set to NULL e.g. when algorithm is rsaEncryption,
sha256WithRsaEncryption or id-sha256.
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
