Closed Bug 479601 Opened 16 years ago Closed 16 years ago

Wrong type (UTF8 String) for email addresses in subject by CERT_AsciiToName

Categories

(NSS :: Libraries, defect, P2)

Product:
NSS
Component:
Libraries
Version:
3.12
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
3.12.3

People

(Reporter: ch-bugsmozilla, Assigned: ch-bugsmozilla)

Details

Attachments

(1 file)

patch for the latest hg version that fixes the bug
164 bytes, text/plain
nelson
: review+
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; de; rv:1.9.0.6) Gecko/2009011913 Firefox/3.0.6 (.NET CLR 3.5.30729) Build Identifier: When CERT_AsciiToName is called with a subject containing an email address like "E=test@test.test", the email address will be typed as UTF8 String. According to RFC 3280 section 4.1.2.6, the type should be IA5String instead: "The attribute value for EmailAddress is of type IA5String to permit inclusion of the character '@', which is not part of the PrintableString character set." I think this sentence is still valid and especially, it was not changed by RFC 4630. Additionally, OpenSSL (tested with 0.9.8h) and Microsoft Outlook 2007 don't recognize the email address if typed as UTF8 String instead of IA5String. In earlier versions of NSS, email addresses were typed correctly, the bug was introduced with version 1.26 of mozilla/security/nss/lib/certdb/alg1485.c <http://bonsai.mozilla.org/cvsview2.cgi?diff_mode=context&whitespace_mode=show&file=alg1485.c&branch=&root=/cvsroot&subdir=mozilla/security/nss/lib/certdb&command=DIFF_FRAMESET&rev1=1.25&rev2=1.26> Reproducible: Didn't try Steps to Reproduce: I haven't tried to reproduce the problem with the NSS tools, but I see the problem, every time I programmatically create a certificate with CERT_AsciiToName("E=test@test.test") as the subject. Calling openssl -in test.cer -email shows that openssl can't find any email address in the certificate (assuming no Subject Alternative Names are set). Actual Results: No email address found by openssl Expected Results: the address test@test.test should have been found I will attach a .diff file for the latest hg version (<http://hg.mozilla.org/mozilla-central/file/855be715f09f/security/nss/lib/certdb/alg1485.c>) that fixes the problem
Attachment #363477 - Attachment mime type: application/octet-stream → text/plain
Attachment #363477 - Flags: review?(nelson)
Comment on attachment 363477 [details] patch for the latest hg version that fixes the bug To whom shall I credit this patch?
Attachment #363477 - Flags: review?(nelson) → review+
Assignee: nobody → chbugzilla
Status: UNCONFIRMED → NEW
Ever confirmed: true
Priority: -- → P2
Target Milestone: --- → 3.12.3
Version: unspecified → 3.12
My name is Christoph Hannebauer.
Thanks, Christoph! Committed on CVS trunk lib/certdb/alg1485.c; new revision: 1.31; previous revision: 1.30
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: