ssl & public_key: Workaround that some certificates encode countryname as utf8 and close down gracefully if other ASN-1 errors occur.

The reason certificate_unknown that is used as ALERT for ASN-1 encoding failure is described as:
      Some other (unspecified) issue arose in processing the
      certificate, rendering it unacceptable.

1 files changed, 10 insertions, 1 deletions

diff --git a/lib/public_key/src/pubkey_cert_records.erl b/lib/public_key/src/pubkey_cert_records.erl
index b86d7a1f0c..33fe940ea2 100644
--- a/lib/public_key/src/pubkey_cert_records.erl
+++ b/lib/public_key/src/pubkey_cert_records.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2008-2011. All Rights Reserved.
+%% Copyright Ericsson AB 2008-2012. All Rights Reserved.
 %%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -57,6 +57,15 @@ transform(#'OTPTBSCertificate'{}= TBS, decode) ->
 transform(#'AttributeTypeAndValue'{type=Id,value=Value0} = ATAV, Func) ->
     {ok, Value} =
         case attribute_type(Id) of
+	    'X520countryName'when Func == decode ->
+		%% Workaround that some certificates break the ASN-1 spec
+		%% and encode countryname as utf8
+		case 'OTP-PUB-KEY':Func('OTP-X520countryname', Value0) of
+		    {ok, {utf8String, Utf8Value}} ->
+			{ok, unicode:characters_to_list(Utf8Value)};
+		    {ok, {printableString, ASCCI}} ->
+			{ok, ASCCI}
+		end;
             Type when is_atom(Type) -> 'OTP-PUB-KEY':Func(Type, Value0);
             _UnknownType            -> {ok, Value0}
         end,