Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Incomplete Display of IP Address Values in subjectAltName on ASN.1 Decoder #92

Open
microshine opened this issue Jun 3, 2024 · 1 comment
Open

Incomplete Display of IP Address Values in subjectAltName on ASN.1 Decoder #92

microshine opened this issue Jun 3, 2024 · 1 comment

Comments

@microshine
Copy link

Issue Description:

When decoding a certificate on https://lapo.it/asn1js, the values for some IP addresses in the subjectAltName field are not displayed correctly. The output shows that the value consists of, for example, 4 bytes, but the hexadecimal representation is missing.

Steps to Reproduce:

  1. Open https://lapo.it/asn1js.
  2. Input the provided certificate data (see below) into the decoder.
  3. Observe the subjectAltName field in the decoded output.

Expected Behavior:

The subjectAltName field should display the full hexadecimal representation of IP addresses.

Actual Behavior:

The subjectAltName field indicates that some IP address values consist of 4 bytes, but the hexadecimal representation is not shown.

Certificate Data:

MIIGyDCCBk6gAwIBAgIQDQsh8YVJ+5rl2I/Z0i4MlzAKBggqhkjOPQQDAzBWMQswCQYDVQQGEwJVUzEV
MBMGA1UEChMMRGlnaUNlcnQgSW5jMTAwLgYDVQQDEydEaWdpQ2VydCBUTFMgSHlicmlkIEVDQyBTSEEz
ODQgMjAyMCBDQTEwHhcNMjMwNzMxMDAwMDAwWhcNMjQwODA2MjM1OTU5WjBbMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIQmVya2VsZXkxDjAMBgNVBAoTBVF1YWQ5MRQwEgYD
VQQDDAsqLnF1YWQ5Lm5ldDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABH2L1x0DhQ0YJbM0HCmhJ9Ss
ASVIiqDx6gK52FEsCGqsclbs+j2moJ9JCVWOrP65cxdcAvt4zCSRlG9DI4kOHWajggT3MIIE8zAfBgNV
HSMEGDAWgBQKvAgpF4ylOW16Ds4zxy6z7fvDejAdBgNVHQ4EFgQUf6kSpdfGi0gCxz0qRW5AHkBg9Jcw
ggGNBgNVHREEggGEMIIBgIILKi5xdWFkOS5uZXSCCXF1YWQ5Lm5ldIcECQkJCYcECQkJCocECQkJC4cE
CQkJDIcECQkJDYcECQkJDocECQkJD4cElXBwCYcElXBwCocElXBwC4cElXBwDIcElXBwDYcElXBwDocE
lXBwD4cElXBwcIcQJiAA/gAAAAAAAAAAAAAACYcQJiAA/gAAAAAAAAAAAAAAEIcQJiAA/gAAAAAAAAAA
AAAAEYcQJiAA/gAAAAAAAAAAAAAAEocQJiAA/gAAAAAAAAAAAAAAE4cQJiAA/gAAAAAAAAAAAAAAFIcQ
JiAA/gAAAAAAAAAAAAAAFYcQJiAA/gAAAAAAAAAAAAAA/ocQJiAA/gAAAAAAAAAAAP4ACYcQJiAA/gAA
AAAAAAAAAP4AEIcQJiAA/gAAAAAAAAAAAP4AEYcQJiAA/gAAAAAAAAAAAP4AEocQJiAA/gAAAAAAAAAA
AP4AE4cQJiAA/gAAAAAAAAAAAP4AFIcQJiAA/gAAAAAAAAAAAP4AFTAOBgNVHQ8BAf8EBAMCB4AwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMIGbBgNVHR8EgZMwgZAwRqBEoEKGQGh0dHA6Ly9jcmwz
LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU0h5YnJpZEVDQ1NIQTM4NDIwMjBDQTEtMS5jcmwwRqBEoEKG
QGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU0h5YnJpZEVDQ1NIQTM4NDIwMjBDQTEt
MS5jcmwwPgYDVR0gBDcwNTAzBgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2Vy
dC5jb20vQ1BTMIGFBggrBgEFBQcBAQR5MHcwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0
LmNvbTBPBggrBgEFBQcwAoZDaHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTSHli
cmlkRUNDU0hBMzg0MjAyMENBMS0xLmNydDAJBgNVHRMEAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFq
AWgAdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYmtrLxjAAAEAwBHMEUCIQCAWtmg
TRnZsqjxZ7jdiDq0EEfxBB4kMj7oaZPv+URihQIgUJxBXliHw3ic/24+0NilFj/WfEcV1kNRARUhXS6x
n08AdwBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYmtrLxLAAAEAwBIMEYCIQClQbGk
sPNEGkRsO930WOdpYDBhFWVD44nw9ks9uyawJAIhAPypE9SPFDDkOgrOw+K++guz486lzdjaAfVzdyO6
sw80AHUA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGJray8FwAABAMARjBEAiBMmvof
eflmsV3JoyFVid5GiJaPHkH9fDWkS93eP9fgEQIgfkTwCbSFNKnF47riYP4MJow7haBO+pFwRW5WAEC1
AQQwCgYIKoZIzj0EAwMDaAAwZQIwOOsRrmNqg61CQTVH/6I6W1ZKb+5efJZpgZLVhCirpay7lyiuNyC1
QkF6jfTAh+nGAjEAoRSNqC4pY/1GUJ3ygEjSOkUKlFnpXSxYIxJz9yJ43z05faF/uL+mrpAV9GXi2cpt

ASN.1 Decoded Output Snippet:

SEQUENCE @419+397 (constructed): (2 elem)
  OBJECT_IDENTIFIER @423+3: 2.5.29.17|subjectAltName|X.509 extension
  OCTET_STRING @428+388 (encapsulates): (388 byte)|30820180820B2A2E71756164392E6E6574820971756164392E6E657487040909090987040909090A87040909090B87040909090C87040909090D87040909090E87040909090F87049570700987049570700A87049570700B87049570700C87049570700D87049570700E87049570700F8704957070708710262000FE0000000000000000000000098710262000FE0000000000000000000000108710262000FE0000000000000000000000118710262000FE0000000000000000000000128710262000FE0000000000000000000000138710262000FE0000000000000000000000148710262000FE0000000000000000000000158710262000FE0000000000000000000000FE8710262000FE000000000000000000FE00098710262000FE000000000000000000FE00108710262000FE000000000000000000FE00118710262000FE000000000000000000FE00128710262000FE000000000000000000FE00138710262000FE000000000000000000FE00148710262000FE000000000000000000FE0015
    SEQUENCE @432+384 (constructed): (32 elem)


      [2] @436+11: (11 byte)|*.quad9.net
      [2] @449+9: (9 byte)|quad9.net
      [7] @460+4: (4 byte)|				
      [7] @466+4: (4 byte)|			|
      [7] @472+4: (4 byte)|0909090B
      [7] @478+4: (4 byte)|0909090C
      [7] @484+4: (4 byte)|			
      [7] @490+4: (4 byte)|0909090E
      [7] @496+4: (4 byte)|0909090F
      [7] @502+4: (4 byte)|95707009
      [7] @508+4: (4 byte)|9570700A
      [7] @514+4: (4 byte)|9570700B
      [7] @520+4: (4 byte)|9570700C
      [7] @526+4: (4 byte)|9570700D
      [7] @532+4: (4 byte)|9570700E
      [7] @538+4: (4 byte)|9570700F
      [7] @544+4: (4 byte)|95707070
      [7] @550+16: (16 byte)|262000FE000000000000000000000009
      [7] @568+16: (16 byte)|262000FE000000000000000000000010
      [7] @586+16: (16 byte)|262000FE000000000000000000000011
      [7] @604+16: (16 byte)|262000FE000000000000000000000012
      [7] @622+16: (16 byte)|262000FE000000000000000000000013
      [7] @640+16: (16 byte)|262000FE000000000000000000000014
      [7] @658+16: (16 byte)|262000FE000000000000000000000015
      [7] @676+16: (16 byte)|262000FE0000000000000000000000FE
      [7] @694+16: (16 byte)|262000FE000000000000000000FE0009
      [7] @712+16: (16 byte)|262000FE000000000000000000FE0010
      [7] @730+16: (16 byte)|262000FE000000000000000000FE0011
      [7] @748+16: (16 byte)|262000FE000000000000000000FE0012
      [7] @766+16: (16 byte)|262000FE000000000000000000FE0013
      [7] @784+16: (16 byte)|262000FE000000000000000000FE0014
      [7] @802+16: (16 byte)|262000FE000000000000000000FE0015
@lapo-luchini
Copy link
Owner

lapo-luchini commented Sep 14, 2024
edited
Loading

Reason is here:

function checkPrintable(s) {
    let i, v;
    for (i = 0; i < s.length; ++i) {
        v = s.charCodeAt(i);
        if (v < 32 && v != 9 && v != 10 && v != 13) // [\t\r\n] are (kinda) printable
            throw new Error('Unprintable character at index ' + i + ' (code ' + s.str.charCodeAt(i) + ')');
    }
}

The "missing" values are interpreted as printable, because they are respectively "\t\t\t\t", "\t\t\t\n", and "\t\t\t\r" and are thus printed as string (which produces nothing visible).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lapo-luchini @microshine