From d607dd7e5bc5c08854ec0c9baff70ba4a35be36f Mon Sep 17 00:00:00 2001 From: Fraser Tweedale Date: Mon, 29 May 2017 16:33:20 -0500 Subject: Enlarge _oid2txt buffer to handle larger OIDs (#3612) The OpenSSL manual recommends a buffer size of 80 for OBJ_oid2txt: https://www.openssl.org/docs/crypto/OBJ_nid2ln.html#return_values. But OIDs longer than this occur in real life (e.g. Active Directory makes some very long OIDs). If the length of the stringified OID exceeds the buffer size, allocate a new buffer that is big enough to hold the stringified OID, and re-do the conversion into the new buffer. --- docs/development/test-vectors.rst | 3 +++ 1 file changed, 3 insertions(+) (limited to 'docs/development/test-vectors.rst') diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst index 868619a6..a1d8b11e 100644 --- a/docs/development/test-vectors.rst +++ b/docs/development/test-vectors.rst @@ -156,6 +156,9 @@ X.509 RSA with SHA1. * ``badssl-sct.pem`` - A certificate with the certificate transparency signed certificate timestamp extension. +* ``bigoid.pem`` - A certificate with a rather long OID in the + Certificate Policies extension. We need to make sure we can parse + long OIDs. Custom X.509 Vectors ~~~~~~~~~~~~~~~~~~~~ -- cgit v1.2.3