Trevor Yann wrote:
>
> I have a certificate that has part of the subject encoded as a
> UniversalString type.
>
> When the data is converted to a string using X509_NAME_oneline (in
> x509/x509_obj.c) the characters are printed with leading null bytes.
>
> There is code for handling strings encoded as type GeneralString,
> treating the characters as 32 bit values. This seems to be exactly the
> handling required for UniversalString. I am not sure whether this is a
> bug - V_ASN1_GENERALSTRING should be replaced with
> V_ASN1_UNIVERSALSTRING, or whether the code should be modified to treat
> UniversalString the same way that GeneralString is being answered.
>
X509_NAME_oneline() is obsolete and very broken as should be apparent
:-)
X509_NAME_print_ex() should be used instead. It has lots of options to
handle UniversalStrings, BMPStrings and UTF8Strings and convert to
various formats.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
