public_key: Workaround for incorrectly encoded utf8 emailAddress

Author: Daniel Barney <[email protected]>
Date:   Thu Oct 25 14:33:11 2012 -0600

    Most common browsers are lax in thier handling of how the
    emailAddress field is encoded. RFC 3280 section 4.1.2.6
    defines the encoding as IA5String, however browsers will
    also handle certificates with the emailAddress field
    encoded as UTF8String. This fix allows the emailAddress
    to be decoded as both an IA5String and an UTF8String.

Reviewed by: Andrew Bennett <[email protected]>

1 files changed, 10 insertions, 1 deletions

diff --git a/lib/public_key/src/pubkey_cert_records.erl b/lib/public_key/src/pubkey_cert_records.erl
index 0449129809..fdd89aa70d 100644
--- a/lib/public_key/src/pubkey_cert_records.erl
+++ b/lib/public_key/src/pubkey_cert_records.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2008-2012. All Rights Reserved.
+%% Copyright Ericsson AB 2008-2013. All Rights Reserved.
 %%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -67,6 +67,15 @@ transform(#'AttributeTypeAndValue'{type=Id,value=Value0} = ATAV, Func) ->
 		    {ok, {printableString, ASCCI}} ->
 			{ok, ASCCI}
 		end;
+	    'EmailAddress' when Func == decode ->
+		%% Workaround that some certificates break the ASN-1 spec
+		%% and encode emailAddress as utf8
+		case 'OTP-PUB-KEY':Func('OTP-emailAddress', Value0) of
+		    {ok, {utf8String, Utf8Value}} ->
+			{ok, unicode:characters_to_list(Utf8Value)};
+		    {ok, {ia5String, Ia5Value}} ->
+			{ok, Ia5Value}
+		end;
             Type when is_atom(Type) -> 'OTP-PUB-KEY':Func(Type, Value0);
             _UnknownType            -> {ok, Value0}
         end,