Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8239094

PKCS#9 ChallengePassword attribute does not allow for the UTF8String type

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • P4
    • 15
    • None
    • security-libs
    • b12
    • Verified

    Description

      PKCS#10 requests that contain the ChallengePassword attribute cannot be encoded using a UTF8String ASN.1 type. Our implementation conforms to an older version of the PKCS#9 specification that only allowed PrintableString and TeletexString. A wider set of string encodings are allowed in PKCS#9 v2.0 (RFC 2985). Per the RFC our ChallengePassword processing should be able to handle any string encoding allowed under the DirectoryString composite type (from X.520):

      DirectoryString{INTEGER:maxSize} ::= CHOICE {
           teletexString TeletexString(SIZE (1..maxSize,...)),
           printableString PrintableString(SIZE (1..maxSize,...)),
           bmpString BMPString(SIZE (1..maxSize,...)),
           universalString UniversalString(SIZE (1..maxSize,...)),
           uTF8String UTF8String(SIZE (1..maxSize,...)) }

      Attachments

        Issue Links

          Activity

            People

              jnimeh Jamil Nimeh
              jnimeh Jamil Nimeh
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: