Ephenodrom / Dart-Basic-Utils

A dart package for many helper methods fitting common situations
MIT License

Tag 164 is not supported yet for X509Util in read Certificate Signing Request (CSR) #73

Closed engaref2000 closed 2 years ago

engaref2000 commented 2 years ago

Hi everyone. I need help when I try to get the certificate from a CSR file. The content of the CSR file is:

```dart
import 'package:basic_utils/basic_utils.dart';

void main() {
  // PEM-encoded certificate signing request (PKCS #10).
  var x509Pem = '''-----BEGIN CERTIFICATE REQUEST-----
MIIB7TCCAZMCAQAwXzELMAkGA1UEBhMCU0ExEzARBgNVBAsMCjMxMjM0NTY3ODkx
EzARBgNVBAoMCjMxMjM0NTY3ODkxJjAkBgNVBAMMHVRTVC04ODY0MzExNDUtMzEy
MzQ1Njc4OTAwMDAzMFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEkNOiV8GaCBVDnQw2
bM1Wy6PqIRZ6t+/hxJNQxg7FAdWK0PcUiUdv5ry2SVyFSz/qY34IJuPstO01fLWv
c41ny6CB1DCB0QYJKoZIhvcNAQkOMYHDMIHAMCEGCSsGAQQBgjcUAgQUDBJaQVRD
QS1Db2RlLVNpZ25pbmcwgZoGA1UdEQSBkjCBj6SBjDCBiTE7MDkGA1UEBAwyMS1U
U1R8Mi1UU1R8My1lZDIyZjFkOC1lNmEyLTExMTgtOWI1OC1kOWE4ZjExZTQ0NWYx
HzAdBgoJkiaJk/IsZAEBDA8zMTIzNDU2Nzg5MDAwMDMxDTALBgNVBAwMBDExMTEx
DDAKBgNVBBoMA1RTVDEMMAoGA1UEDwwDVFNUMAoGCCqGSM49BAMCA0gAMEUCIQCJ
bnRkFWRGFymr/HW84klYXSoxQLe8yuhewNOD86OdKQIgEeuUUbMzr2C5VGTKAOFo
ia4a0ZuZLVXe3JGRUtmvLZk=
-----END CERTIFICATE REQUEST-----''';

  // This call fails with: Tag 164 is not supported yet
  CertificateSigningRequestData data = X509Utils.csrFromPem(x509Pem);
}
```

The error is: Tag 164 is not supported yet

Thanks and best regards.

Ephenodrom commented 2 years ago

Hello @engaref2000, it seems that the parsing has a problem with the subject alternative name extension. I will take a look at it next week. Can you provide some information on how the CSR was generated?

engaref2000 commented 2 years ago

Thanks, Ephenodrom, for the response.

The CSR file was generated in Java with this information:

```
csr.common.name=TST-886431145-312345678900003
csr.serial.number=1-TST|2-TST|3-ed22f1d8-e6a2-1118-9b58-d9a8f11e445f
csr.organization.identifier=312345678900003
csr.organization.unit.name=3123456789
csr.organization.name=3123456789
csr.country.name=SA
csr.invoice.type=1111
csr.location.address=TST
csr.industry.business.category=TST
```

I hope this information helps.

Ephenodrom commented 2 years ago

@engaref2000 Which Java library was used in this case? Maybe Bouncy Castle?

engaref2000 commented 2 years ago

Yes, the library is Bouncy Castle, and the ASN.1 as decoded by https://lapo.it/asn1js/ is:

```
SEQUENCE (3 elem)
  SEQUENCE (4 elem)
    INTEGER 0
    SEQUENCE (4 elem)
      SET (1 elem)
        SEQUENCE (2 elem)
          OBJECT IDENTIFIER 2.5.4.6 countryName (X.520 DN component)
          PrintableString SA
      SET (1 elem)
        SEQUENCE (2 elem)
          OBJECT IDENTIFIER 2.5.4.11 organizationalUnitName (X.520 DN component)
          UTF8String 3123456789
      SET (1 elem)
        SEQUENCE (2 elem)
          OBJECT IDENTIFIER 2.5.4.10 organizationName (X.520 DN component)
          UTF8String 3123456789
      SET (1 elem)
        SEQUENCE (2 elem)
          OBJECT IDENTIFIER 2.5.4.3 commonName (X.520 DN component)
          UTF8String TST-886431145-312345678900003
    SEQUENCE (2 elem)
      SEQUENCE (2 elem)
        OBJECT IDENTIFIER 1.2.840.10045.2.1 ecPublicKey (ANSI X9.62 public key type)
        OBJECT IDENTIFIER 1.3.132.0.10 secp256k1 (SECG (Certicom) named elliptic curve)
      BIT STRING (520 bit) 0000010000100011100111110101011011010111000000001111011000101010010011…
    [0] (1 elem)
      SEQUENCE (2 elem)
        OBJECT IDENTIFIER 1.2.840.113549.1.9.14 extensionRequest (PKCS #9 via CRMF)
        SET (1 elem)
          SEQUENCE (2 elem)
            SEQUENCE (2 elem)
              OBJECT IDENTIFIER 1.3.6.1.4.1.311.20.2 enrollCerttypeExtension (Microsoft CAPICOM certificate template, V1)
              OCTET STRING (20 byte) 0C125A415443412D436F64652D5369676E696E67
                UTF8String ZATCA-Code-Signing
            SEQUENCE (2 elem)
              OBJECT IDENTIFIER 2.5.29.17 subjectAltName (X.509 extension)
              OCTET STRING (146 byte) 30818FA4818C308189313B303906035504040C32312D5453547C322D5453547C332D6…
                SEQUENCE (1 elem)
                  [4] (1 elem)
                    SEQUENCE (5 elem)
                      SET (1 elem)
                        SEQUENCE (2 elem)
                          OBJECT IDENTIFIER 2.5.4.4 surname (X.520 DN component)
                          UTF8String 1-TST|2-TST|3-ed22f1d8-e6a2-1118-9b58-d9a8f11e445f
                      SET (1 elem)
                        SEQUENCE (2 elem)
                          OBJECT IDENTIFIER 0.9.2342.19200300.100.1.1 userID (Some oddball X.500 attribute collection)
                          UTF8String 312345678900003
                      SET (1 elem)
                        SEQUENCE (2 elem)
                          OBJECT IDENTIFIER 2.5.4.12 title (X.520 DN component)
                          UTF8String 1111
                      SET (1 elem)
                        SEQUENCE (2 elem)
                          OBJECT IDENTIFIER 2.5.4.26 registeredAddress (X.520 DN component)
                          UTF8String TST
                      SET (1 elem)
                        SEQUENCE (2 elem)
                          OBJECT IDENTIFIER 2.5.4.15 businessCategory (X.520 DN component)
                          UTF8String TST
  SEQUENCE (1 elem)
    OBJECT IDENTIFIER 1.2.840.10045.4.3.2 ecdsaWithSHA256 (ANSI X9.62 ECDSA algorithm with SHA256)
  BIT STRING (576 bit) 0011000001000110000000100010000100000000100111011101011001110000110111…
    SEQUENCE (2 elem)
      INTEGER (256 bit) 7139200149141166879124929731463666064519387665678156964825331263561528…
      INTEGER (256 bit) 7409204401331651896178037162532302602528463729441355867917827012298287…
```
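Added example, not part of the thread and not code from basic_utils or pointycastle: decimal 164 is the DER identifier octet 0xA4 (context-specific, constructed, tag number 4), which is the `directoryName` alternative of GeneralName shown as `[4]` under subjectAltName in the dump above. The Python sketch below decodes identifier octets and lists the GeneralName choices in a subjectAltName value; the function names and the sample bytes are constructed for illustration.

```python
# GeneralName CHOICE tag numbers, RFC 5280 section 4.2.1.6.
GENERAL_NAME = {0: "otherName", 1: "rfc822Name", 2: "dNSName", 3: "x400Address",
                4: "directoryName", 5: "ediPartyName",
                6: "uniformResourceIdentifier", 7: "iPAddress", 8: "registeredID"}
CLASSES = ("universal", "application", "context-specific", "private")


def decode_tag(octet):
    """Split a single-byte DER identifier octet into (class, constructed, number)."""
    number = octet & 0x1F
    if number == 0x1F:
        raise ValueError("high-tag-number form is not handled in this sketch")
    return CLASSES[octet >> 6], bool(octet & 0x20), number


def read_tlv(buf, pos):
    """Return (tag_octet, value_bytes, next_pos) for the TLV starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length == 0x80:
        raise ValueError("indefinite length is not valid DER")
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("TLV length runs past the end of the buffer")
    return tag, buf[pos:pos + length], pos + length


def general_names(san_der):
    """List (tag_octet, choice_name) for each entry of a subjectAltName value."""
    tag, body, end = read_tlv(san_der, 0)
    if tag != 0x30 or end != len(san_der):
        raise ValueError("expected exactly one GeneralNames SEQUENCE")
    names, pos = [], 0
    while pos < len(body):
        tag, _, pos = read_tlv(body, pos)
        cls, _, number = decode_tag(tag)
        if cls != "context-specific" or number not in GENERAL_NAME:
            raise ValueError(f"tag {tag} is not a GeneralName choice")
        names.append((tag, GENERAL_NAME[number]))
    return names


# Constructed sample (not the CSR from the thread): GeneralNames holding a
# directoryName with one RDN (title=1111) followed by a dNSName.
SAMPLE_SAN = bytes.fromhex("3021a411300f310d300b060355040c0c0431313131820c") + b"example.test"
```

A parser that only handles the string-valued choices such as `dNSName` (0x82) will reject a value like this at the 0xA4 octet, because `directoryName` wraps a full X.501 Name rather than a string.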

Ephenodrom commented 2 years ago

Waiting for https://github.com/bcgit/pc-dart/pull/164

Ephenodrom commented 2 years ago

@engaref2000 This can be considered closed: the new version 4.4.0 is now live on pub.dev.

engaref2000 commented 2 years ago

Thanks and best regards. I will check and keep you informed.