On 09/18/2017 12:59 AM, Viktor Dukhovni wrote: >> On Sep 17, 2017, at 10:23 PM, Zhang, Lily (USD) <lily.zh...@dell.com> wrote: >> >> Would you help me to take a look this certificate issue? >> In order to send out the file, I added ".txt" in the file name. Please >> remove it before test it. >> >> Leaf_no_rn.cer doesn't have \r\n in the BASE64 string, it can't be parsed by >> openssl. >> Leaf_with_rn.cer is the same as Leaf_no_rn.cer, but it has \r\n in BASE64 >> string. >> Both the attached two certificates can be parsed by Windows. > This is expected, the OpenSSL PEM file reader does not support > input lines with IIRC more than 64 bytes. PEM files are not > supposed to have longer lines. >
The current code in master should not have a particular limit on line lengths for *certificates* -- in test/recipes/04-test_pem_data we have files with 1025 characters on a line, and only use a 256-byte buffer when reading. The PEM format does specify a 64-(base64-)characters-per-line limit when the additional PEM encryption/etc. features are used, but certificates do not use that feature and do not have a line length restriction. Perhaps Lily should specify what version of OpenSSL is in use. -Ben
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
