Keytool does not agree with RFC 8410
Wei-Jun Wang
weijun.wang at oracle.com
Sun Jan 31 19:00:14 UTC 2021
https://bugs.openjdk.java.net/browse/JDK-8260693 filed.
Thanks,
Max
> On Jan 31, 2021, at 2:12 AM, Anders Rundgren <anders.rundgren.net at gmail.com> wrote:
>
> Since the JDK bug report tool does not include "keytool" I posted this here.
>
> Keytool for JDK 15 reports "Subject Public Key Algorithm: XDH key of unknown size" for a certificate containing the following public key:
>
> 148: SEQUENCE {
> 150: SEQUENCE {
> 152: OBJECT IDENTIFIER X25519 (1.3.101.110)
> }
> 157: BIT STRING, 32 bytes
> 0000: a3 5e 94 ef bd d0 41 86 90 07 87 9e 80 d0 a5 76 '.^....A........v'
> 0010: 0e a1 ba 82 19 2e c3 90 21 89 05 5a f6 d9 e6 50 '........!..Z...P'
> }
>
> which seems to be aligned with: https://tools.ietf.org/html/rfc8410#section-10.2
>
> You can verify this issue by importing the certificate in the RFC.
>
> Anders
More information about the security-dev
mailing list