-
Type:
Bug
-
Resolution: Fixed
-
Priority:
P4
-
Affects Version/s: None
-
Component/s: security-libs
-
b12
-
Verified
PKCS#10 requests that contain the ChallengePassword attribute cannot be encoded using a UTF8String ASN.1 type. Our implementation conforms to an older version of the PKCS#9 specification that only allowed PrintableString and TeletexString. A wider set of string encodings are allowed in PKCS#9 v2.0 (RFC 2985). Per the RFC our ChallengePassword processing should be able to handle any string encoding allowed under the DirectoryString composite type (from X.520):
DirectoryString{INTEGER:maxSize} ::= CHOICE {
teletexString TeletexString(SIZE (1..maxSize,...)),
printableString PrintableString(SIZE (1..maxSize,...)),
bmpString BMPString(SIZE (1..maxSize,...)),
universalString UniversalString(SIZE (1..maxSize,...)),
uTF8String UTF8String(SIZE (1..maxSize,...)) }
DirectoryString{INTEGER:maxSize} ::= CHOICE {
teletexString TeletexString(SIZE (1..maxSize,...)),
printableString PrintableString(SIZE (1..maxSize,...)),
bmpString BMPString(SIZE (1..maxSize,...)),
universalString UniversalString(SIZE (1..maxSize,...)),
uTF8String UTF8String(SIZE (1..maxSize,...)) }
- is blocked by
-
JDK-8239264 Clearup the legacy ObjectIdentifier constructor from int array
-
- Resolved
-
- relates to
-
-
- Resolved
-