search

kaikramer / keystore-explorer

KeyStore Explorer is a free GUI replacement for the Java command-line utilities keytool and jarsigner.
https://keystore-explorer.org/
GNU General Public License v3.0
1.61k stars 265 forks source link

How to add `User Notice` on `Certificate Policies` extension on cert.? #475

Open The-Lum opened 5 months ago

The-Lum commented 5 months ago

Describe the bug During tests, we observed:

To Reproduce Steps to reproduce the behavior:

  1. Go to 'Generate Key Pair Cert.'
  2. Click on 'Add Extensions'
  3. Click on 'Certificate Policies (CP)'
  4. Click on 'Add Policy Qualifier Info'
  5. Click on 'User Notice'
  6. Edit 'User Notice'
  7. Impossible to add User Notice

Expected behavior Possibility to add User Notice on Certificate Policies extension on cert.

Screenshots 2024-01-13-AddingUserNotice

Environment

kaikramer commented 5 months ago

Thanks for the bug report!

The issue is in the field "notice numbers". If you only provide "explicit text", it works fine. It's easily fixed, but there is another issue here:

The field "notice numbers" is actually a sequence of numbers, not a single one:

   NoticeReference ::= SEQUENCE {
       organization     DisplayText,
       noticeNumbers    SEQUENCE OF INTEGER }

So, a UI change is necessary here as well.

kaikramer commented 5 months ago

I have just noticed the hint in the tooltip, but not sure if it is enough...