Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Auto ID - Issue with Deterministic Identifier Generation Using DER-Encoded subject_common_name #2752

Closed
jfrank-summit opened this issue May 9, 2024 · 0 comments · Fixed by #2762
Closed

Auto ID - Issue with Deterministic Identifier Generation Using DER-Encoded subject_common_name #2752

jfrank-summit opened this issue May 9, 2024 · 0 comments · Fixed by #2762
Assignees
@dastansam
Labels
bug Something isn't working

Comments

@jfrank-summit
Copy link
Member

The system is designed to generate a deterministic identifier for an Auto ID by hashing the issuer_id together with the subject_common_name of a certificate. Currently, the subject_common_name is being utilized in its DER-encoded form rather than as a plain string.

In the DER encoding process, extra bytes are prefixed to the subject_common_name value that represent the data type and length. This inclusion results in a modification of the input data for the hash function, leading to the generation of unexpected identifier values.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dastansam dastansam

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Auto-id: use non-der encoded value of common name for auto id subspace/subspace
2 participants
@jfrank-summit @dastansam