ASN1 structure implementation is missing for OID 2.5.4.17 which is PostalCode, and OID 2.5.4.41 (Name) definition
Konjarla, Pavan
pavan.konjarla at hp.com
Mon Mar 22 07:00:22 CET 2010
Hello,
Attaching a test certificate with PostalCode attribute.
-----BEGIN CERTIFICATE-----
MIIDRzCCArACCQDEFjfnIvTaLTANBgkqhkiG9w0BAQQFADCBhjELMAkGA1UEBhMC
SU4xFDASBgNVBAgTC01haGFyYXNodHJhMQ8wDQYDVQQHEwZNdW1iYWkxDDAKBgNV
BAoTA1RDUzEMMAoGA1UECxMDTkVEMQ4wDAYDVQQDEwVSb2hhbjEkMCIGCSqGSIb3
DQEJARYVcm9oYW4uYW1idXJsZUB0Y3MuY29tMB4XDTA3MDUyODE0MDQxM1oXDTIx
MDIwMzE0MDQxM1owggFHMSQwIgYDVQQDFBt3d3cuYWxsX2RuX3dpdGhvdXRfdXRm
OC5jb20xDDAKBgNVBAsTA05FRDEMMAoGA1UEChMDVENTMQ4wDAYDVQQpEwVSb2hh
bjEPMA0GA1UELBMGTm9JZGVhMQwwCgYDVQQrEwNWRFMxDjAMBgNVBCoTBVZydXNo
MQ0wCwYDVQQEEwRTYXNpMQ4wDAYDVQQuEwVNZXRvbzEWMBQGCSqGSIb3DQEJARYH
YUBiLmNvbTEPMA0GA1UEERMGNDAwMDkzMRIwEAYDVQQMEwlBbGxETkNlcnQxDjAM
BgNVBAUTBVJ1Y2hpMRUwEwYKCZImiZPyLGQBGRYFVnJ1c2gxDTALBgNVBAkTBE1J
REMxDzANBgNVBAcTBk11bWJhaTELMAkGA1UEBhMCSU4xFDASBgNVBAgTC01haGFy
YXNodHJhMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDO0gVZhKdxqdBMd1sI
KdW6TUNB0244zbuIzKltmJlOAnpud/94Irz3fiDpwlnoXEWWP8R11XFZg+IAv4nq
Z6YRwQO+lnGPf/IMn/ES1X0xYGSGQsedS2lCGeMZGoES1tJrkbtvJ2v1fyVEp670
8sG4WIu50+wI0eeIdVknN4QaEQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAB1M+C7Q
PNRCLM4H36T+7hUXYxvhd3EzLoLe5REorJAemoazB5FGNv7QyhOqKDXUaWp5pcC4
MQrvoWDpfueF+yBgophXy5FxYW0f95mftUnRZFT/ALSAlnpmWnz/Osq6iNssiJjs
wRa6CTuDR+WSIQt2pZyxkTf+ILEsoydcudwl
-----END CERTIFICATE-----
Regards,
Pavan
-----Original Message-----
From: Nikos Mavrogiannopoulos [mailto:n.mavrogiannopoulos at gmail.com] On Behalf Of Nikos Mavrogiannopoulos
Sent: Saturday, March 20, 2010 5:03 PM
To: Konjarla, Pavan
Cc: bug-gnutls at gnu.org
Subject: Re: ASN1 structure implementation is missing for OID 2.5.4.17 which is PostalCode, and OID 2.5.4.41 (Name) definition
Konjarla, Pavan wrote:
> Hello,
>
> GnuTLS certtool is unable to display the correct value of Postal Code when the certificate subject contains 'Postal Code' as its one of DN fields.
>
> The scenario how to reproduce is as follows,
>
>
> 1. Create a CSR with a DN which contains Postal Code as one of its DN attributes.
>
> 2. Send the CSR to any CA for test certificate.
>
> 3. After getting the certificate display the certificate using the certtool with ./certtool -i -infile <certificate> command.
>
> 4. Observed that the value for Postal Code is displayed something like PostalCode=#0c06343030303933 instead of a valid decimal value.
>
>
> To fix this problem we should add the definition for Postal Code with the corresponding OID in ASN1 structure.
>
> I am attaching the patch file with the feasible fix. Kindly let me know if you need any other information/clarification.
Hello and thank you for the report and fix. I have committed a fix based
on your patch. However would it be easy to you a send me a certificate
that includes the postalcode and/or name so that I can verify parsing
them right?
regards,
Nikos
More information about the Gnutls-devel
mailing list