[erlang-bugs] x509 certificate decoded string representation is wrong

Daniel Goertzen daniel.goertzen@REDACTED
Thu Jun 12 22:57:15 CEST 2014


In the public_key application, decoding of attributes in x509 certificates
does not always decode to a string as indicated in the documentation.  The
documentation says that the value of commonName (and several other
attributes) should be:

special_string() = {teletexString, string()} | {printableString, string()}
| {universalString, string()} | {utf8String, string()} | {bmpString,
string()}

... however when I decode a cert I see a utf8String coming out as a binary
instead of a string()....

[{'AttributeTypeAndValue',
  {2,5,4,3},
    {utf8String,<<"Daniel Goertzen">>}}],

... and typer shows several other non-string representations (unicode
characters represented by 4-tuples):

-spec dec_X520CommonName(_) ->
{'bmpString',[byte() | {byte(),byte(),byte(),byte()}] | {byte(),binary()}} |
{'printableString',[byte() | {byte(),byte(),byte(),byte()}] |
{byte(),binary()}} |
{'teletexString',[byte() | {byte(),byte(),byte(),byte()}] |
{byte(),binary()}} |
{'universalString',[byte() | {byte(),byte(),byte(),byte()}] |
{byte(),binary()}} |
{'utf8String',_}.



Also, encoding does not accept unicode strings (list of chars).  The
example below crashes.

    Subject = {rdnSequence, [
        [#'AttributeTypeAndValue'{
            type  = ?'id-at-commonName',
            value = {utf8String, [16#4e09|" string starting with a chinese
symbol"]}
        }]
    ]},



I assume that the documentation is right and the decoded representation
should be "list of characters".  Instead internal representations are
coming through.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-bugs/attachments/20140612/912431ec/attachment.htm>


More information about the erlang-bugs mailing list