Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: 1.4.0.Final
Affects Version/s: 1.3.2.Final
Component/s: Certificate Authority, X.500
Labels:
None

Git Pull Request:
https://github.com/wildfly-security/wildfly-elytron/pull/1145

Description

Debugging revealed certificate use utf8String representation whereas Elytron is expecting printableString

In rfc 5280 [1] chapter 4.1.2.4. Issuer there is specified value of subject/issuer can be of 5 types

   DirectoryString ::= CHOICE {
         teletexString           TeletexString (SIZE (1..MAX)),
         printableString         PrintableString (SIZE (1..MAX)),
         universalString         UniversalString (SIZE (1..MAX)),
         utf8String              UTF8String (SIZE (1..MAX)),
         bmpString               BMPString (SIZE (1..MAX)) }

However Elytron X500 principal decoder [2] can handle only 2 of them PRINTABLE_STRING_TYPE and IA5_STRING_TYPE (not sure which type of rfc does that match) [2]

Definitely missing utf8String (my case). Also revise for backward compatibility teletexString, bmpString and universalString

[1] https://www.ietf.org/rfc/rfc5280.txt
[2] https://github.com/wildfly-security/wildfly-elytron/blob/32ff7c17965b3ecae6be7ce1c9b96ab642ddc4ad/src/main/java/org/wildfly/security/x500/util/X500PrincipalUtil.java#L95

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

client.asn1
12 kB
2018/05/28 9:02 AM
client.cer
1 kB
2018/05/28 8:57 AM

Issue Links

is blocked by

ELY-1572 japicmp force source compatibility, but only binary compatibility is required

Resolved

Activity

People

Assignee:: Jan Kalina (Inactive)

Reporter:: Martin Choma

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 2018/05/21 5:42 AM

Updated:: 2021/10/24 6:41 AM

Resolved:: 2018/05/31 11:32 AM