search

kaikramer / keystore-explorer

KeyStore Explorer is a free GUI replacement for the Java command-line utilities keytool and jarsigner.
https://keystore-explorer.org/
GNU General Public License v3.0
1.7k stars 275 forks source link

How to add `User Notice` on `Certificate Policies` extension on cert.? #475

Open The-Lum opened 10 months ago

The-Lum commented 10 months ago

Describe the bug During tests, we observed:

To Reproduce Steps to reproduce the behavior:

  1. Go to 'Generate Key Pair Cert.'
  2. Click on 'Add Extensions'
  3. Click on 'Certificate Policies (CP)'
  4. Click on 'Add Policy Qualifier Info'
  5. Click on 'User Notice'
  6. Edit 'User Notice'
  7. Impossible to add User Notice

Expected behavior Possibility to add User Notice on Certificate Policies extension on cert.

Screenshots 2024-01-13-AddingUserNotice

Environment

kaikramer commented 10 months ago

Thanks for the bug report!

The issue is in the field "notice numbers". If you only provide "explicit text", it works fine. It's easily fixed, but there is another issue here:

The field "notice numbers" is actually a sequence of numbers, not a single one:

   NoticeReference ::= SEQUENCE {
       organization     DisplayText,
       noticeNumbers    SEQUENCE OF INTEGER }

So, a UI change is necessary here as well.

kaikramer commented 10 months ago

I have just noticed the hint in the tooltip, but not sure if it is enough...