openssl/openssl

The certificate policy extension without the OID part should be invalid

Open

#26,099 opened on 2024年12月3日

GitHub で見る
 (0 comments) (0 reactions) (0 assignees)C (11,262 forks)batch import
branch: masterhelp wantedtriaged: bug

Repository metrics

Stars
 (30,157 stars)
PR merge metrics
 (30d に merged PR はありません)

説明

The description of certificate policy extension is as follows: The certificate policies extension contains a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. I provided a test case that has a certificate policy extension containing only optional qualifiers without object identifiers, which should be invalid. Golang determined it as follows: invalid certificate policies But openssl doesn't think so. Cert.zip

コントリビューターガイド