Details
-
Bug
-
Resolution: Fixed
-
P4
-
None
-
b12
-
Verified
Description
PKCS#10 requests that contain the ChallengePassword attribute cannot be encoded using a UTF8String ASN.1 type. Our implementation conforms to an older version of the PKCS#9 specification that only allowed PrintableString and TeletexString. A wider set of string encodings are allowed in PKCS#9 v2.0 (RFC 2985). Per the RFC our ChallengePassword processing should be able to handle any string encoding allowed under the DirectoryString composite type (from X.520):
DirectoryString{INTEGER:maxSize} ::= CHOICE {
teletexString TeletexString(SIZE (1..maxSize,...)),
printableString PrintableString(SIZE (1..maxSize,...)),
bmpString BMPString(SIZE (1..maxSize,...)),
universalString UniversalString(SIZE (1..maxSize,...)),
uTF8String UTF8String(SIZE (1..maxSize,...)) }
DirectoryString{INTEGER:maxSize} ::= CHOICE {
teletexString TeletexString(SIZE (1..maxSize,...)),
printableString PrintableString(SIZE (1..maxSize,...)),
bmpString BMPString(SIZE (1..maxSize,...)),
universalString UniversalString(SIZE (1..maxSize,...)),
uTF8String UTF8String(SIZE (1..maxSize,...)) }
Attachments
Issue Links
- is blocked by
-
JDK-8239264 Clearup the legacy ObjectIdentifier constructor from int array
- Resolved
- relates to
-
JDK-8239950 Update PKCS9 Attributes to PKCS#9 v2.0 Encodings
- Resolved