ASN1 structure implementation is missing for OID 2.5.4.17 which is PostalCode, and OID 2.5.4.41 (Name) definition

Konjarla, Pavan pavan.konjarla at hp.com
Mon Mar 22 07:00:22 CET 2010


Hello,

Attaching a test certificate with PostalCode attribute.


-----BEGIN CERTIFICATE-----
MIIDRzCCArACCQDEFjfnIvTaLTANBgkqhkiG9w0BAQQFADCBhjELMAkGA1UEBhMC
SU4xFDASBgNVBAgTC01haGFyYXNodHJhMQ8wDQYDVQQHEwZNdW1iYWkxDDAKBgNV
BAoTA1RDUzEMMAoGA1UECxMDTkVEMQ4wDAYDVQQDEwVSb2hhbjEkMCIGCSqGSIb3
DQEJARYVcm9oYW4uYW1idXJsZUB0Y3MuY29tMB4XDTA3MDUyODE0MDQxM1oXDTIx
MDIwMzE0MDQxM1owggFHMSQwIgYDVQQDFBt3d3cuYWxsX2RuX3dpdGhvdXRfdXRm
OC5jb20xDDAKBgNVBAsTA05FRDEMMAoGA1UEChMDVENTMQ4wDAYDVQQpEwVSb2hh
bjEPMA0GA1UELBMGTm9JZGVhMQwwCgYDVQQrEwNWRFMxDjAMBgNVBCoTBVZydXNo
MQ0wCwYDVQQEEwRTYXNpMQ4wDAYDVQQuEwVNZXRvbzEWMBQGCSqGSIb3DQEJARYH
YUBiLmNvbTEPMA0GA1UEERMGNDAwMDkzMRIwEAYDVQQMEwlBbGxETkNlcnQxDjAM
BgNVBAUTBVJ1Y2hpMRUwEwYKCZImiZPyLGQBGRYFVnJ1c2gxDTALBgNVBAkTBE1J
REMxDzANBgNVBAcTBk11bWJhaTELMAkGA1UEBhMCSU4xFDASBgNVBAgTC01haGFy
YXNodHJhMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDO0gVZhKdxqdBMd1sI
KdW6TUNB0244zbuIzKltmJlOAnpud/94Irz3fiDpwlnoXEWWP8R11XFZg+IAv4nq
Z6YRwQO+lnGPf/IMn/ES1X0xYGSGQsedS2lCGeMZGoES1tJrkbtvJ2v1fyVEp670
8sG4WIu50+wI0eeIdVknN4QaEQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAB1M+C7Q
PNRCLM4H36T+7hUXYxvhd3EzLoLe5REorJAemoazB5FGNv7QyhOqKDXUaWp5pcC4
MQrvoWDpfueF+yBgophXy5FxYW0f95mftUnRZFT/ALSAlnpmWnz/Osq6iNssiJjs
wRa6CTuDR+WSIQt2pZyxkTf+ILEsoydcudwl
-----END CERTIFICATE-----


Regards,
Pavan

-----Original Message-----
From: Nikos Mavrogiannopoulos [mailto:n.mavrogiannopoulos at gmail.com] On Behalf Of Nikos Mavrogiannopoulos
Sent: Saturday, March 20, 2010 5:03 PM
To: Konjarla, Pavan
Cc: bug-gnutls at gnu.org
Subject: Re: ASN1 structure implementation is missing for OID 2.5.4.17 which is PostalCode, and OID 2.5.4.41 (Name) definition

Konjarla, Pavan wrote:
> Hello,
> 
> GnuTLS certtool is unable to display the correct value of Postal Code when the certificate subject contains 'Postal Code' as its one of DN fields.
> 
>  The scenario how to reproduce is as follows,
> 
> 
> 1.       Create a CSR with a DN which contains Postal Code as one of its DN attributes.
> 
> 2.       Send the CSR to any CA for test certificate.
> 
> 3.       After getting the certificate display the certificate using the certtool  with ./certtool -i -infile <certificate>  command.
> 
> 4.       Observed that the value for Postal Code is displayed something like PostalCode=#0c06343030303933 instead of a valid decimal value.
> 
> 
> To fix this problem we should add the definition for Postal Code with the corresponding OID in ASN1 structure.
> 
>  I am attaching the patch file with the feasible fix. Kindly let me know if you need any other information/clarification.

Hello and thank you for the report and fix. I have committed a fix based
on your patch. However would it be easy to you a send me a certificate
that includes the postalcode and/or name so that I can verify parsing
them right?

regards,
Nikos





More information about the Gnutls-devel mailing list