php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #80269 OpenSSL sets Subject wrong with extraattribs parameter
Submitted: 2020-10-22 08:59 UTC Modified: -
From: tom dot schillemans at fasterforward dot nl Assigned:
Status: Open Package: OpenSSL related
PHP Version: 7.4.11 OS: Ubuntu 14.4 / Windows 10
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2020-10-22 08:59 UTC] tom dot schillemans at fasterforward dot nl
Description:
------------
I want to create a Certificate Sign Request with OpenSSL.
To do this I have the test code provided in the gist.

As you can see in the results I am getting, the openssl library also puts the extraattribs in the subject.

When I use the OpenSSL cli tool it does not do that using the exact same config file.

Test script:
---------------
https://gist.github.com/TomSchillemans/f3cb9668ae1878f699032e1acb5486a9

Expected result:
----------------
Certificate Request:
    Data:
        Version: 1 (0x0)
        Subject: C = NL, ST = ST, L = L, O = O, CN = 2013
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:28:99:92:71:f0:0a:03:70:10:29:ba:50:53:
                    ...
                    35:9b
                Exponent: 65537 (0x10001)
        Attributes:
            streetAddress            :
            postalCode               :
            facsimileTelephoneNumber :
            telephoneNumber          :012345678
            1.3.6.1.4.1.11278.1150.2.1:12345678
            1.3.6.1.4.1.11278.1150.2.2:20128551
            name                     :Organisation
            emailAddress             :info@example.com
        Requested Extensions:
            X509v3 Basic Constraints:
                CA:FALSE
    Signature Algorithm: sha256WithRSAEncryption
         30:de:00:b2:5d:c3:23:c1:12:2e:62:7b:2f:a1:29:4f:36:8d:
         ...
         2c:0c:70:9f

Actual result:
--------------
Certificate Request:
    Data:
        Version: 1 (0x0)
        Subject: C = NL, ST = ST, L = L, O = O, CN = 2013, facsimileTelephoneNumber = , postalCode = , street = , name = Organisation, telephoneNumber = 012345678, 1.3.6.1.4.1.11278.1150.2.1 = 001564, 1.3.6.1.4.1.11278.1150.2.2 = 12345678, emailAddress = info@example.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:28:99:92:71:f0:0a:03:70:10:29:ba:50:53:
                    ...
                    35:9b
                Exponent: 65537 (0x10001)
        Attributes:
            streetAddress            :
            postalCode               :
            facsimileTelephoneNumber :
            telephoneNumber          :012345678
            1.3.6.1.4.1.11278.1150.2.1:12345678
            1.3.6.1.4.1.11278.1150.2.2:20128551
            name                     :Organisation
            emailAddress             :info@example.com
        Requested Extensions:
            X509v3 Basic Constraints:
                CA:FALSE
    Signature Algorithm: sha256WithRSAEncryption
         30:de:00:b2:5d:c3:23:c1:12:2e:62:7b:2f:a1:29:4f:36:8d:
         ...
         2c:0c:70:9f

Patches

Add a Patch

Pull Requests

Add a Pull Request

 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Tue Nov 24 12:01:28 2020 UTC