New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ASN.1 marshaling error with Go strings #3791
Labels
Comments
Here you have an example of this error: http://play.golang.org/p/g2FmkhJBY0 The output is: Marshaled ascii name: [48 47 ... 0] ERROR Marshaling utf8 name: ASN.1 structure error: PrintableString contains invalid character While it should accept UTF-8 string BY DEFAULT, as everything is supposed to be UTF-8 in Go unless otherwise specified. |
Although pkix.Name (for instance) allows to specify ASN.1 type information though the Names Names []AttributeTypeAndValue: type Name struct { Country, Organization, OrganizationalUnit []string Locality, Province []string StreetAddress, PostalCode []string SerialNumber, CommonName string Names []AttributeTypeAndValue } type AttributeTypeAndValue struct { Type asn1.ObjectIdentifier Value interface{} } AttributeTypeAndValue mirrors the ASN.1 structure of the same name in http://tools.ietf.org/html/rfc5280#section-4.1.2.4 I believe that Go's encoding/asn1 should default to UTF8String instead of PrintableString when nothing is specified, because Go's strings are native UTF8 all over except when you want it otherwise, in which case is then that you should be forced to add exceptions or refine your specification, NOT the other way around. |
More on this error. I created a sample CA certificate using a program called SimpleAuhtority (Java): http://simpleauthority.com/ I attach the result for testing. Then I tried to read it and do a asn1 marshal again with the name with this program: http://play.golang.org/p/lZWjQP0iZI The result is that: 1) The certificate is properly read, no problem to get UTF8 string values within the CommonName... BUT 2) It cannot marshal it again cause it defaults to printable string, even though there is some data in pkix.Name.Names. The output I got with this test is: $ go run pemreader.go CommonName ñÑáéíóú Names 0: {[2 5 4 6] ES} Names 1: {[2 5 4 10] Your Organisation Name} Names 2: {[2 5 4 11] Certification Authority} Names 3: {[2 5 4 3] ñÑáéíóú} ERROR Marshaling utf8 name: ASN.1 structure error: PrintableString contains invalid character Attachments:
|
As you might have noticed, ASN.1 strings are a disaster. I don't believe that we want to use UTF8String everywhere for compatibility reasons. However, it does seem that we could do better here: i.e. switch to UTF8String when needed and PrintableString otherwise. Labels changed: added priority-soon, removed priority-triage. Owner changed to @agl. Status changed to Accepted. |
I am trying to write a WebCA in go: github.com/josvazg/webca I just need to be able to let the user create certificates with names like "estoEsUnaÑ" or attributes like my current home town, "Torrejón de Ardoz" without the app failing on them. The test in which I reseralized the certificate was just to see if pkix.Name.Names included ASN.1 type information that could avoid the error, and the answer was NO. In my code, on the other hand, I fill a pkix.Name struct that I pass to generate a certificate in a similar way you do it on your go tests. |
http://golang.org/cl/6348074 sent for review. |
This issue was closed by revision eeffa73. Status changed to Fixed. |
This issue was closed.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
by josvazg:
The text was updated successfully, but these errors were encountered: