Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Re-Encoding of Certificate to from X509Certificate differs #101

Open
yschimke opened this issue Feb 5, 2022 · 2 comments
Open

Re-Encoding of Certificate to from X509Certificate differs #101

yschimke opened this issue Feb 5, 2022 · 2 comments

Comments

@yschimke
Copy link
Collaborator

yschimke commented Feb 5, 2022

Certificate / TBSCertificate / SEQUENCE OF / SET OF / AttributeTypeAndValue
AttributeTypeAndValue(type=2.5.4.6, value=US)

This ordering of UTF-8 and PrintableString are not bi-directional

  private val attributeTypeAndValue: BasicDerAdapter<AttributeTypeAndValue> = Adapters.sequence(
      "AttributeTypeAndValue",
      Adapters.OBJECT_IDENTIFIER,
      Adapters.any(
          String::class to Adapters.UTF8_STRING,
          Nothing::class to Adapters.PRINTABLE_STRING,
          Unit::class to Adapters.TELETEX,
          AnyValue::class to Adapters.ANY_VALUE
      ),

https://www.alvestrand.no/objectid/2.5.4.6.html

oid: 2.5.4.6 - id-at-countryName
060355040613025553
vs
06035504060c025553

From #95
@yschimke
Copy link
Collaborator Author

yschimke commented Feb 5, 2022

Doesn't seem to break signatures. But does mean that #94 shouldn't optimistically convert to Certificate since that is a destructive operation.

@yschimke
Copy link
Collaborator Author

yschimke commented Feb 5, 2022

Probably not fatal, since the serial number and publicKeySha256 are unaffected.

Also see certificates have variability also

//github.com/sensu/sensu-go/issues/3985 (subtweeting)

But it is incorrect.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@yschimke