From ef6922881585771ecb9d934cf01f9f1f8ad62211 Mon Sep 17 00:00:00 2001 From: Andrew Bennett Date: Thu, 7 Nov 2013 16:11:21 -0700 Subject: public_key: Workaround for incorrectly encoded utf8 emailAddress Author: Daniel Barney Date: Thu Oct 25 14:33:11 2012 -0600 Most common browsers are lax in thier handling of how the emailAddress field is encoded. RFC 3280 section 4.1.2.6 defines the encoding as IA5String, however browsers will also handle certificates with the emailAddress field encoded as UTF8String. This fix allows the emailAddress to be decoded as both an IA5String and an UTF8String. Reviewed by: Andrew Bennett --- lib/public_key/src/pubkey_cert_records.erl | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'lib/public_key/src') diff --git a/lib/public_key/src/pubkey_cert_records.erl b/lib/public_key/src/pubkey_cert_records.erl index 0449129809..fdd89aa70d 100644 --- a/lib/public_key/src/pubkey_cert_records.erl +++ b/lib/public_key/src/pubkey_cert_records.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2008-2012. All Rights Reserved. +%% Copyright Ericsson AB 2008-2013. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -67,6 +67,15 @@ transform(#'AttributeTypeAndValue'{type=Id,value=Value0} = ATAV, Func) -> {ok, {printableString, ASCCI}} -> {ok, ASCCI} end; + 'EmailAddress' when Func == decode -> + %% Workaround that some certificates break the ASN-1 spec + %% and encode emailAddress as utf8 + case 'OTP-PUB-KEY':Func('OTP-emailAddress', Value0) of + {ok, {utf8String, Utf8Value}} -> + {ok, unicode:characters_to_list(Utf8Value)}; + {ok, {ia5String, Ia5Value}} -> + {ok, Ia5Value} + end; Type when is_atom(Type) -> 'OTP-PUB-KEY':Func(Type, Value0); _UnknownType -> {ok, Value0} end, -- cgit v1.2.3