Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1587

X500 principal [CN=client] was not decoded - no values of attribute [2.5.4.3]

XMLWordPrintable

      Debugging revealed certificate use utf8String representation whereas Elytron is expecting printableString

      In rfc 5280 [1] chapter 4.1.2.4. Issuer there is specified value of subject/issuer can be of 5 types

         DirectoryString ::= CHOICE {
         teletexString           TeletexString (SIZE (1..MAX)),
         printableString         PrintableString (SIZE (1..MAX)),
         universalString         UniversalString (SIZE (1..MAX)),
         utf8String              UTF8String (SIZE (1..MAX)),
         bmpString               BMPString (SIZE (1..MAX)) }

      However Elytron X500 principal decoder [2] can handle only 2 of them PRINTABLE_STRING_TYPE and IA5_STRING_TYPE (not sure which type of rfc does that match) [2]

      Definitely missing utf8String (my case). Also revise for backward compatibility teletexString, bmpString and universalString

      [1] https://www.ietf.org/rfc/rfc5280.txt
      [2] https://github.com/wildfly-security/wildfly-elytron/blob/32ff7c17965b3ecae6be7ce1c9b96ab642ddc4ad/src/main/java/org/wildfly/security/x500/util/X500PrincipalUtil.java#L95

        1. client.asn1
          12 kB
        2. client.cer
          1 kB

              jkalina@redhat.com Jan Kalina (Inactive)
              mchoma@redhat.com Martin Choma
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: