Keytool does not agree with RFC 8410
Anders Rundgren
anders.rundgren.net at gmail.com
Sun Jan 31 07:12:45 UTC 2021
Since the JDK bug report tool does not include "keytool" I posted this here.
Keytool for JDK 15 reports "Subject Public Key Algorithm: XDH key of unknown size" for a certificate containing the following public key:
  148: SEQUENCE {
  150:   SEQUENCE {
  152:     OBJECT IDENTIFIER X25519 (1.3.101.110)
         }
  157:   BIT STRING, 32 bytes
         0000: a3 5e 94 ef bd d0 41 86 90 07 87 9e 80 d0 a5 76 '.^....A........v'
         0010: 0e a1 ba 82 19 2e c3 90 21 89 05 5a f6 d9 e6 50 '........!..Z...P'
       }
which seems to be aligned with: https://tools.ietf.org/html/rfc8410#section-10.2
You can verify this issue by importing the certificate in the RFC.
Anders
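
The following is an added example, not part of the original message and not JDK or keytool code. It rebuilds the RFC 8410 SubjectPublicKeyInfo from the 32 key bytes in the dump above, parses it with the JDK's own XDH KeyFactory, and reads the curve name from the parsed key. The class name XdhSpkiCheck, the helpers hex and bitsFor, and the name-to-bits mapping are assumptions made for the illustration.

```java
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.interfaces.XECPublicKey;
import java.security.spec.NamedParameterSpec;
import java.security.spec.X509EncodedKeySpec;

public class XdhSpkiCheck {
    // DER prefix of an RFC 8410 SubjectPublicKeyInfo for X25519:
    // SEQUENCE(42) { SEQUENCE(5) { OID 1.3.101.110 } BIT STRING(33), 0 unused bits }
    static final String SPKI_PREFIX = "302a300506032b656e032100";

    // The 32 raw public key bytes shown in the dump in the message above.
    static final String RAW_KEY =
        "a35e94efbdd041869007879e80d0a576" +
        "0ea1ba82192ec3902189055af6d9e650";

    // Hypothetical helper: decode a hex string (avoids HexFormat, which needs JDK 17).
    static byte[] hex(String s) {
        byte[] out = new byte[s.length() / 2];
        for (int i = 0; i < out.length; i++) {
            out[i] = (byte) Integer.parseInt(s.substring(2 * i, 2 * i + 2), 16);
        }
        return out;
    }

    // Hypothetical helper: nominal key size in bits for the two RFC 7748 curves.
    static int bitsFor(String curve) {
        switch (curve) {
            case "X25519": return 255;
            case "X448":   return 448;
            default:       return -1; // curve name not recognised
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] spki = hex(SPKI_PREFIX + RAW_KEY);

        // Parse the encoded key with the JDK's XDH key factory (JDK 11+).
        PublicKey key = KeyFactory.getInstance("XDH")
                                  .generatePublic(new X509EncodedKeySpec(spki));

        // XDH keys expose their curve as a NamedParameterSpec.
        XECPublicKey xec = (XECPublicKey) key;
        String curve = ((NamedParameterSpec) xec.getParams()).getName();

        System.out.println("algorithm = " + key.getAlgorithm());
        System.out.println("curve     = " + curve);
        System.out.println("key bits  = " + bitsFor(curve));
    }
}
```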