Fix for x5u, x5c implementation error

hidekatsu-izuno / josekit-rs

JOSE (Javascript Object Signing and Encryption) library for Rust (based on OpenSSL).

Apache License 2.0

69 stars 30 forks source link

Fix for x5u, x5c implementation error #16

Closed curtisleefulton closed 2 years ago

curtisleefulton commented 2 years ago

Fixes set_x509_certificate_chain() and x509_certificate_chain() implementation error.

Per RFC 7515, 4.1.6 (https://datatracker.ietf.org/doc/html/rfc7515#section-4.1.6) each string entry in the x5c header parameter is a "base64-encoded (Section 4 of [RFC4648] -- not base64url-encoded) DER [ITU.X690.2008] PKIX certificate value."

hidekatsu-izuno commented 2 years ago

Thank you for your pull request. I did not notice this mistake. I will release a new version soon.