4

I'm writing a script that parses x509 certificates. x509 v3 certificates have extensions which are an ASN.1 sequence containing an OID, a critical flag, and an octetString called extnValue.

For the basicConstraints extension, the extnValue is supposed to be another ASN.1 sequence with the details.

I've encountered a certificate that had an empty sequence there instead. Literally the bytes 0x30 0x00, which parse to an ASN.1 sequence of zero length, instead of the expected set of data (a boolean for certificate authority and an integer for path length).

The fact that I found a cert in the wild with this quality implies that it is valid, but I was hoping to find a concrete protocol rule about this so my script can handle it correctly instead of throwing an error.

pinhead
  • 143
  • 4

1 Answer

4

extnValue isn't empty; it's 30 00, which is an empty sequence.

https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.9 says that the encoding of a Basic Constraints extension value is

BasicConstraints ::= SEQUENCE {
    cA                      BOOLEAN DEFAULT FALSE,
    pathLenConstraint       INTEGER (0..MAX) OPTIONAL }

The empty sequence is therefore logically { cA: FALSE, pathLenConstraint: Not Present }.

Because certificates use ASN.1 DER encoding, a DEFAULT value should never be specified, and the text says that pathLenConstraint should never be specified when cA is set to FALSE, so 30 00 is the only valid form for "this certificate does not represent a Certificate Authority".

bartonjs
  • 361
  • 1
  • 10
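As an added example (not code from the question or the answer), here is a minimal strict DER decoder for the BasicConstraints value that treats the empty SEQUENCE `30 00` as `{ cA: FALSE, pathLenConstraint: absent }` and reports the DER rule violations the answer mentions (an explicitly encoded DEFAULT FALSE, or a pathLenConstraint present while cA is FALSE). It assumes the caller has already unwrapped the extnValue OCTET STRING and passes the bytes it contains; all sample inputs are constructed.

```python
# Added example: strict DER decoding of the X.509 BasicConstraints value.
# Input is the content of the extnValue OCTET STRING (assumption), not the
# whole Extension SEQUENCE.

def _read_tlv(buf: bytes, pos: int):
    """Read one DER tag/length/value starting at pos.

    Returns (tag, value_bytes, next_pos). Rejects indefinite and
    non-minimal lengths, which BER allows but DER does not.
    """
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:
        n = length & 0x7F
        if n == 0 or n > 4:
            raise ValueError("indefinite or oversized length is not DER")
        if pos + n > len(buf):
            raise ValueError("truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
        if length < 0x80:
            raise ValueError("non-minimal length encoding is not DER")
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:end], end


def parse_basic_constraints(extn_value: bytes):
    """Decode BasicConstraints; returns (ca, path_len, warnings).

    ca is False and path_len is None for the empty SEQUENCE 30 00, which is
    the only valid DER form of "not a CA". Warnings list encodings that
    decode unambiguously but violate DER or RFC 5280 rules.
    """
    tag, body, end = _read_tlv(extn_value, 0)
    if tag != 0x30:
        raise ValueError("BasicConstraints must be a SEQUENCE")
    if end != len(extn_value):
        raise ValueError("trailing bytes after BasicConstraints SEQUENCE")

    ca = False          # ASN.1 DEFAULT FALSE applies when the field is absent
    path_len = None     # OPTIONAL, absent unless encoded
    warnings = []
    pos = 0

    # cA BOOLEAN (tag 0x01), if present
    if pos < len(body) and body[pos] == 0x01:
        _, v, pos = _read_tlv(body, pos)
        if len(v) != 1:
            raise ValueError("BOOLEAN content must be exactly one byte")
        if v[0] == 0x00:
            warnings.append("cA encoded as FALSE; DER requires DEFAULT values to be omitted")
        else:
            ca = True
            if v[0] != 0xFF:
                warnings.append("BOOLEAN TRUE must be encoded as 0xFF in DER")

    # pathLenConstraint INTEGER (tag 0x02), if present
    if pos < len(body) and body[pos] == 0x02:
        _, v, pos = _read_tlv(body, pos)
        if len(v) == 0:
            raise ValueError("INTEGER content must not be empty")
        if len(v) > 1 and v[0] == 0x00 and not (v[1] & 0x80):
            warnings.append("non-minimal INTEGER encoding is not DER")
        path_len = int.from_bytes(v, "big", signed=True)
        if path_len < 0:
            raise ValueError("pathLenConstraint must be in the range 0..MAX")
        if not ca:
            warnings.append("pathLenConstraint present although cA is FALSE (RFC 5280 4.2.1.9)")

    if pos != len(body):
        raise ValueError("unexpected element after pathLenConstraint")
    return ca, path_len, warnings


if __name__ == "__main__":
    # Constructed sample values for the extnValue contents.
    for hexval in ("3000", "30030101ff", "30060101ff020100", "3003010100", "3003020100"):
        print(hexval, "->", parse_basic_constraints(bytes.fromhex(hexval)))
```

The decoder treats the two encodings discussed in the answer as a validity question rather than a parse failure: `30 00` decodes cleanly to "not a CA", while `30 03 01 01 00` (explicit FALSE) or a path length on a non-CA still decode but come back with a warning, so a script can choose between accepting, logging, or rejecting such certificates.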