kaikramer / keystore-explorer

KeyStore Explorer is a free GUI replacement for the Java command-line utilities keytool and jarsigner.
https://keystore-explorer.org/
GNU General Public License v3.0

error inspecting SAN if certificate contains UPN (OID 1.3.6.1.4.1.311.20.2.3) #211

Closed e4711s closed 4 years ago

e4711s commented 4 years ago

Describe the bug

For certificates containing SAN UPN (OID 1.3.6.1.4.1.311.20.2.3) the Subject Alternative Name extension cannot be displayed and an exception is thrown.

To Reproduce

Steps to reproduce the behavior:

  1. save the following as sanUpn.cer

-----BEGIN CERTIFICATE----- MIIDPDCCAiSgAwIBAgIIBGimO6Z8MkkwDQYJKoZIhvcNAQELBQAwEjEQMA4GA1UE AwwHZHVtbXljYTAeFw0yMDA0MTYwNjU3MTZaFw0yMTA0MTYwNjU3MTZaMA4xDDAK BgNVBAMMA2ZvbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOi5XIOH hu2jn+BaBGsDx9FzZNctX1UA1Cz/NUfrT69cGAENqBGCDrPNtBSxy0Uw/Ygt3aBD uwcBRU+z6WAQPm7cJtAx8K4YauPljY3Z+ppmfa4oj9KmUygrb94Df2VWz0XCfkm2 0tF4SqGhdY/JZr0GJtJzM+il1eIDO//qTMzic31eIw5Uy2b9xfyuTUe0UkzcQaXx vTjziB7e0y9gnuGLGMQlbAc7PjgrNXcXd77XzN/xCtcnkstHdPstjE2d/jY1iqPJ ywhqzyfpHO6ynd45ZkQA20j3iQS98pZLgMke/3vvebFxRX+N9Bg0wteKt2ITdCpA jpuocbgbez6OSo0CAwEAAaOBmTCBljAOBgNVHQ8BAf8EBAMCBDAwHQYDVR0OBBYE FD9/d/MmWcgSi3sJmexyczkUQYf1MD0GA1UdIwQ2MDSAFMPtwsB7oEsO5Z+O2Na2 0BZ0NaXeoRakFDASMRAwDgYDVQQDDAdkdW1teWNhggRemADsMCYGA1UdEQQfMB2g GwYKKwYBBAGCNxQCA6ANDAtmb29AdXBuLmJhcjANBgkqhkiG9w0BAQsFAAOCAQEA XVaSW5+nxOxMY5Vm1TBksGoe6IJceIaA9CbsCeqtAPnuSmdcXE43gnION59HS313 BwkrCqLSwzOSNpqqT+dHXaCmEIw9Xz03SM91kdyHTDjaCXAu93i4tMhD93sNDcO+ IElwWhvKMXTZL4ImtM0hoUZ3pVFCKYZGE79zmo4/jYkjDwp4baT4rcL6HfxNEvOk n4mc4B56W4CKSjd3W78bYOTlrdsRaoThgUIM/fPUBm0PgxsbDUoJwhTwQcJKv/H2 8D4au3kLe0Dj8d5IUuS4eQWf4evbnEyzQV5GLa/EQtMRmT5ySABs9xKXoY5guZ/1 1n2vbVAgeAcIR80pSZ3ZrA== -----END CERTIFICATE-----

  2. open KSE
  3. drag sanUpn.cer onto KSE
  4. click "Extensions"
  5. click "Subject Alternative Name" => error

java.lang.ClassCastException: org.bouncycastle.asn1.DLTaggedObject cannot be cast to org.bouncycastle.asn1.DERTaggedObject
    at org.kse.crypto.x509.GeneralNameUtil.parseUPN(GeneralNameUtil.java:173)
    at org.kse.crypto.x509.GeneralNameUtil.toString(GeneralNameUtil.java:232)
    at org.kse.crypto.x509.X509Ext.getSubjectAlternativeNameStringValue(X509Ext.java:726)
    at org.kse.crypto.x509.X509Ext.getStringValue(X509Ext.java:219)
    at org.kse.gui.dialogs.extensions.DViewExtensions.updateExtensionValue(DViewExtensions.java:300)
    at org.kse.gui.dialogs.extensions.DViewExtensions.access$000(DViewExtensions.java:84)
    at org.kse.gui.dialogs.extensions.DViewExtensions$1.valueChanged(DViewExtensions.java:173)
    at javax.swing.DefaultListSelectionModel.fireValueChanged(Unknown Source)
    at javax.swing.DefaultListSelectionModel.fireValueChanged(Unknown Source)
    at javax.swing.DefaultListSelectionModel.setValueIsAdjusting(Unknown Source)
    at javax.swing.plaf.basic.BasicTableUI$Handler.setValueIsAdjusting(Unknown Source)
    at javax.swing.plaf.basic.BasicTableUI$Handler.mouseReleased(Unknown Source)
    at java.awt.AWTEventMulticaster.mouseReleased(Unknown Source)
    at java.awt.Component.processMouseEvent(Unknown Source)
    at javax.swing.JComponent.processMouseEvent(Unknown Source)
    at java.awt.Component.processEvent(Unknown Source)
    at java.awt.Container.processEvent(Unknown Source)
    at java.awt.Component.dispatchEventImpl(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Window.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
    at java.awt.EventQueue.access$500(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Unknown Source)
    at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Unknown Source)
    at java.awt.EventQueue$4.run(Unknown Source)
    at java.awt.EventQueue$4.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Unknown Source)
    at java.awt.EventQueue.dispatchEvent(Unknown Source)
    at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
    at java.awt.WaitDispatchSupport$2.run(Unknown Source)
    at java.awt.WaitDispatchSupport$4.run(Unknown Source)
    at java.awt.WaitDispatchSupport$4.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.awt.WaitDispatchSupport.enter(Unknown Source)
    at java.awt.Dialog.show(Unknown Source)
    at java.awt.Component.show(Unknown Source)
    at java.awt.Component.setVisible(Unknown Source)
    at java.awt.Window.setVisible(Unknown Source)
    at java.awt.Dialog.setVisible(Unknown Source)
    at org.kse.gui.dialogs.DViewCertificate.extensionsPressed(DViewCertificate.java:743)
    at org.kse.gui.dialogs.DViewCertificate.access$200(DViewCertificate.java:95)
    at org.kse.gui.dialogs.DViewCertificate$3.actionPerformed(DViewCertificate.java:346)
    at javax.swing.AbstractButton.fireActionPerformed(Unknown Source)
    at javax.swing.AbstractButton$Handler.actionPerformed(Unknown Source)
    at javax.swing.DefaultButtonModel.fireActionPerformed(Unknown Source)
    at javax.swing.DefaultButtonModel.setPressed(Unknown Source)
    at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(Unknown Source)
    at java.awt.AWTEventMulticaster.mouseReleased(Unknown Source)
    at java.awt.Component.processMouseEvent(Unknown Source)
    at javax.swing.JComponent.processMouseEvent(Unknown Source)
    at java.awt.Component.processEvent(Unknown Source)
    at java.awt.Container.processEvent(Unknown Source)
    at java.awt.Component.dispatchEventImpl(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Window.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
    at java.awt.EventQueue.access$500(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Unknown Source)
    at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Unknown Source)
    at java.awt.EventQueue$4.run(Unknown Source)
    at java.awt.EventQueue$4.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Unknown Source)
    at java.awt.EventQueue.dispatchEvent(Unknown Source)
    at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
    at java.awt.WaitDispatchSupport$2.run(Unknown Source)
    at java.awt.WaitDispatchSupport$4.run(Unknown Source)
    at java.awt.WaitDispatchSupport$4.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.awt.WaitDispatchSupport.enter(Unknown Source)
    at java.awt.Dialog.show(Unknown Source)
    at java.awt.Component.show(Unknown Source)
    at java.awt.Component.setVisible(Unknown Source)
    at java.awt.Window.setVisible(Unknown Source)
    at java.awt.Dialog.setVisible(Unknown Source)
    at org.kse.gui.actions.ExamineFileAction.openCert(ExamineFileAction.java:166)
    at org.kse.gui.actions.ExamineFileAction.openFile(ExamineFileAction.java:122)
    at org.kse.gui.dnd.DroppedFileHandler.openFiles(DroppedFileHandler.java:84)
    at org.kse.gui.dnd.DroppedFileHandler$1.run(DroppedFileHandler.java:56)
    at java.awt.event.InvocationEvent.dispatch(Unknown Source)
    at java.awt.EventQueue.dispatchEventImpl(Unknown Source)
    at java.awt.EventQueue.access$500(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.awt.EventQueue$3.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(Unknown Source)
    at java.awt.EventQueue.dispatchEvent(Unknown Source)
    at java.awt.EventDispatchThread.pumpOneEventForFilters(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForFilter(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
    at java.awt.EventDispatchThread.run(Unknown Source)

Expected behavior

The SAN extension is displayed and no error is shown.

Screenshots

SAN shown in Windows cert dialog: image
Error in KSE: image

Environment

kaikramer commented 4 years ago

Thank you very much for the bug report!
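
A defensive way to read the UPN otherName reported in this issue, as an added example that is not KeyStore Explorer's code or its fix: it checks each element against the abstract BouncyCastle types and returns null for anything unexpected, so a certificate from an untrusted source cannot abort the viewer with a cast error. It assumes a BouncyCastle release that provides `ASN1TaggedObject.getObject()`; the class name `UpnSanExample`, the method `parseUpn` and the UPN `user@example.test` are constructed for illustration.

```java
import java.io.IOException;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1String;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;

public class UpnSanExample { // hypothetical class name
    // otherName type-id for the Microsoft User Principal Name (OID from the issue title)
    static final ASN1ObjectIdentifier UPN_OID = new ASN1ObjectIdentifier("1.3.6.1.4.1.311.20.2.3");

    /** Returns the UPN, or null if the entry is not a well-formed UPN otherName. */
    static String parseUpn(GeneralName name) {
        if (name.getTagNo() != GeneralName.otherName) {
            return null;
        }
        // OtherName ::= SEQUENCE { type-id OBJECT IDENTIFIER, value [0] EXPLICIT ANY }
        ASN1Sequence otherName = ASN1Sequence.getInstance(name.getName());
        if (otherName.size() != 2 || !UPN_OID.equals(otherName.getObjectAt(0))) {
            return null;
        }
        // Test against the abstract type: parsed input may arrive as DLTaggedObject,
        // so a cast to the concrete DERTaggedObject class is what fails in the trace.
        ASN1Encodable wrapped = otherName.getObjectAt(1);
        if (!(wrapped instanceof ASN1TaggedObject) || ((ASN1TaggedObject) wrapped).getTagNo() != 0) {
            return null;
        }
        ASN1Primitive value = ((ASN1TaggedObject) wrapped).getObject();
        return (value instanceof ASN1String) ? ((ASN1String) value).getString() : null;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample SAN holding one UPN entry (not the certificate from the issue).
        ASN1Encodable[] parts = { UPN_OID, new DERTaggedObject(true, 0, new DERUTF8String("user@example.test")) };
        GeneralNames built = new GeneralNames(
                new GeneralName(GeneralName.otherName, new DERSequence(parts)));
        // Encode and re-parse so the objects come from the ASN.1 parser, as with a real file.
        GeneralNames parsed = GeneralNames.getInstance(ASN1Primitive.fromByteArray(built.getEncoded()));
        for (GeneralName gn : parsed.getNames()) {
            System.out.println("UPN: " + parseUpn(gn));
        }
    }
}
```

For a real certificate, the bytes returned by `X509Certificate.getExtensionValue("2.5.29.17")` are an OCTET STRING wrapper that has to be unwrapped before `GeneralNames.getInstance` sees the SAN value.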