PeculiarVentures / PKI.js

PKI.js is a pure JavaScript library implementing the formats that are used in PKI applications (signing, encryption, certificate requests, OCSP and TSP requests/responses). It is built on WebCrypto (Web Cryptography API) and requires no plug-ins.
http://pkijs.org

Generate PKCS10 with SubjectAlternativeName containing a UPN #395

Open reznik99 opened 4 months ago

reznik99 commented 4 months ago

Hello,

I am trying to generate a PKCS10 with a SubjectAlternativeName containing a UPN.

package.json

```json
{
  "pkijs": "^3.0.15",
  "asn1js": "^3.0.5"
}
```

Code

```js
try {
    const altNames = new pkijs.GeneralNames({
        names: [
            new pkijs.GeneralName({
                type: 0, // otherName
                // OtherName ::= SEQUENCE { type-id OID, value [0] EXPLICIT ANY }
                value: new asn1js.Sequence({
                    value: [
                        new asn1js.ObjectIdentifier({ value: '1.3.6.1.4.1.311.20.2.3' }), // UPN oid
                        new asn1js.Constructed({
                            idBlock: {
                                tagClass: 3, // context-specific
                                tagNumber: 0 // [0]
                            },
                            value: [new asn1js.Utf8String({ value: 'test2' })],
                        }),
                    ]
                }),
            }),
        ]
    })
    const extensions = new pkijs.Extension({
        extnID: pkijs.id_SubjectAltName,
        critical: false,
        extnValue: altNames.toSchema().toBER(), // DER of the GeneralNames SEQUENCE
    })
    console.log(extensions.toString('base64'))
} catch (err) {
    console.error(err)
}
```

Result

ASN1

```text
SEQUENCE (2 elem)
  OBJECT IDENTIFIER 2.5.29.17 subjectAltName (X.509 extension)
  OCTET STRING (27 byte) 3019A0173015060A2B060104018237140203A0070C057465737432
    SEQUENCE (1 elem)
      [0] (1 elem)
        SEQUENCE (2 elem)
          OBJECT IDENTIFIER 1.3.6.1.4.1.311.20.2.3 userPrincipalName (Microsoft UPN)
          [0] (1 elem)
            UTF8String test2
```

Decoding tool

It appears that the code is generating an extra Sequence, causing tools like https://redkestrel.co.uk/tools/decoder to fail to decode the value:

[image: decoder output for the generated CSR]

What I am trying to generate

ASN1

```text
SEQUENCE (2 elem)
  OBJECT IDENTIFIER 2.5.29.17 subjectAltName (X.509 extension)
  OCTET STRING (52 byte) 3032A030060A2B060104018237140203A0220C206672616E636573636F2E676F72696E…
    SEQUENCE (1 elem)
      [0] (2 elem)
        OBJECT IDENTIFIER 1.3.6.1.4.1.311.20.2.3 userPrincipalName (Microsoft UPN)
        [0] (1 elem)
          UTF8String test2
```

Decoding tool

The CSR generated using another tool gives the following:

[image: decoder output for the CSR generated with another tool]

What am I doing wrong in the code snippet above?
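To make the byte-level difference visible, here is an added example that is not part of the original issue or of PKI.js: a minimal DER encoder in plain Node.js (no asn1js/pkijs dependency) that builds the SubjectAltName value for a UPN otherName, with the context tag [0] IMPLICIT replacing the OtherName SEQUENCE tag as RFC 5280 specifies, plus a check that flags the extra inner SEQUENCE in the bytes posted above. The function names and the UPN `test2` are this example's own choices.

```javascript
// Minimal DER helpers (added example, not PKI.js code).
function derLength(n) {
  if (n < 0x80) return [n];
  const bytes = [];
  for (let v = n; v > 0; v >>= 8) bytes.unshift(v & 0xff);
  return [0x80 | bytes.length, ...bytes];
}
function tlv(tag, content) { return [tag, ...derLength(content.length), ...content]; }
function encodeOid(oid) {
  const arcs = oid.split('.').map(Number);
  const out = [40 * arcs[0] + arcs[1]];
  for (const arc of arcs.slice(2)) {
    const chunk = [];
    let v = arc;
    do { chunk.unshift(v & 0x7f); v >>= 7; } while (v > 0);
    for (let i = 0; i < chunk.length - 1; i++) chunk[i] |= 0x80; // continuation bits
    out.push(...chunk);
  }
  return tlv(0x06, out);
}
const UPN_OID = '1.3.6.1.4.1.311.20.2.3'; // Microsoft userPrincipalName (from the issue)

// GeneralName.otherName is [0] IMPLICIT OtherName, and
// OtherName ::= SEQUENCE { type-id OID, value [0] EXPLICIT ANY }.
// IMPLICIT tagging means the SEQUENCE tag 0x30 is replaced by 0xA0, so the
// OID and the [0] EXPLICIT value sit directly inside the context tag.
function upnOtherName(upn) {
  const utf8 = tlv(0x0c, [...Buffer.from(upn, 'utf8')]);
  const explicitValue = tlv(0xa0, utf8);
  return tlv(0xa0, [...encodeOid(UPN_OID), ...explicitValue]);
}
// GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
function subjectAltNameValue(generalNames) { return tlv(0x30, generalNames.flat()); }
function toHex(bytes) { return Buffer.from(bytes).toString('hex').toUpperCase(); }

function readLength(b, i) { // returns [length, index of first content byte]
  if (b[i] < 0x80) return [b[i], i + 1];
  const n = b[i] & 0x7f;
  let len = 0;
  for (let k = 1; k <= n; k++) len = (len << 8) | b[i + k];
  return [len, i + 1 + n];
}
// True when the first GeneralName's [0] body starts with a SEQUENCE (0x30),
// i.e. the OtherName was wrapped once too often, as in the issue's output.
function otherNameHasExtraSequence(hex) {
  const b = Buffer.from(hex, 'hex');
  if (b[0] !== 0x30) throw new Error('expected outer SEQUENCE');
  let [, i] = readLength(b, 1);
  if (b[i] !== 0xa0) throw new Error('expected [0] otherName');
  [, i] = readLength(b, i + 1);
  return b[i] === 0x30;
}
```

Running `toHex(subjectAltNameValue([upnOtherName('test2')]))` yields a value whose prefix `30..A0..060A2B060104018237140203A0..0C..` matches the "What I am trying to generate" dump, while the issue's own output has `3015` (an extra SEQUENCE) right after the `[0]` header.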