Closed tomfitzhenry closed 10 years ago
awesome tests. I fixed 2563 of those failures, and I'll have a look at the remaining one. Thanks a lot.
No, thank you! Nice response time.
ok the remaining problem is a minor tweak in the ASN.1 parser, and has been fixed in asn1-encoding-v0.8.1.3. There's also now a x509-v1.4.8 that fix the 2563 other failures. I think all the decoding problem is solved now, don't hesitate to re-open if something is missing.
I'm parsing a large number of public certificates from Google's Certificate Transparency log servers, using hs-certificate. Of the 3.4 million certificates parsed so far, only 2,564 certificates have failed.
The 2,564 certificates and code to reproduce the failures is available at https://gist.github.com/tomfitzhenry/9124641 .
The certificates fail to parse for a variety of reasons. Here they are with the number of failures per group: