[jboss-jira] [JBoss JIRA] (ELY-1587) X500 principal [CN=client] was not decoded - no values of attribute [2.5.4.3]

Jan Kalina (JIRA) issues at jboss.org
Tue May 29 14:01:00 EDT 2018 

    [ https://issues.jboss.org/browse/ELY-1587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13583834#comment-13583834 ] 

Jan Kalina edited comment on ELY-1587 at 5/29/18 2:00 PM:
----------------------------------------------------------

PR successfully checked against attached certificate too - thanks!
Automatic unit test use builder as suggested by David above.


was (Author: honza889):
PR successfully checked against attached certificate too - thanks! 

> X500 principal [CN=client] was not decoded - no values of attribute [2.5.4.3]
> -----------------------------------------------------------------------------
>
>                 Key: ELY-1587
>                 URL: https://issues.jboss.org/browse/ELY-1587
>             Project: WildFly Elytron
>          Issue Type: Bug
>          Components: Certificate Authority, X.500
>    Affects Versions: 1.3.2.Final
>            Reporter: Martin Choma
>            Assignee: Jan Kalina
>            Priority: Critical
>             Fix For: 1.4.0.CR1
>
>         Attachments: client.asn1, client.cer
>
>
> Debugging revealed certificate use {{utf8String}} representation whereas Elytron is expecting {{printableString}}
> In rfc 5280 [1] chapter 4.1.2.4. Issuer there is specified value of subject/issuer can be of 5 types
> {code}
>    DirectoryString ::= CHOICE {
>          teletexString           TeletexString (SIZE (1..MAX)),
>          printableString         PrintableString (SIZE (1..MAX)),
>          universalString         UniversalString (SIZE (1..MAX)),
>          utf8String              UTF8String (SIZE (1..MAX)),
>          bmpString               BMPString (SIZE (1..MAX)) }
> {code}
> However Elytron X500 principal decoder [2] can handle only 2 of them PRINTABLE_STRING_TYPE and IA5_STRING_TYPE (not sure which type of rfc does that match) [2]
> Definitely missing {{utf8String}} (my case). Also revise for backward compatibility {{teletexString}}, {{bmpString}} and {{universalString}}
> [1] https://www.ietf.org/rfc/rfc5280.txt
> [2] https://github.com/wildfly-security/wildfly-elytron/blob/32ff7c17965b3ecae6be7ce1c9b96ab642ddc4ad/src/main/java/org/wildfly/security/x500/util/X500PrincipalUtil.java#L95



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the jboss-jira mailing list