Parse error when extracting issuer #474
Description
The following code snippet, tries to parse a root certificate from certificate transparency and fails:
(venv) node@nodejs /u/h/node> cat test/parser-3.js
#!/usr/bin/env node
var jsrsasign = require('jsrsasign');
var pem = '-----BEGIN CERTIFICATE-----\n' +
'MIIEUzCCAzugAwIBAgIDAOJDMA0GCSqGSIb3DQEBBQUAMIHPMQswCQYDVQQGEwJBVDGBizCBiAY\n' +
'DVQQKHoGAAEEALQBUAHIAdQBzAHQAIABHAGUAcwAuACAAZgD8AHIAIABTAGkAYwBoAGUAcgBoAG\n' +
'UAaQB0AHMAcwB5AHMAdABlAG0AZQAgAGkAbQAgAGUAbABlAGsAdAByAC4AIABEAGEAdABlAG4Ad\n' +
'gBlAHIAawBlAGgAcgAgAEcAbQBiAEgxGDAWBgNVBAsTD0EtVHJ1c3QtUXVhbC0wMTEYMBYGA1UE\n' +
'AxMPQS1UcnVzdC1RdWFsLTAxMB4XDTA0MTEzMDIzMDAwMFoXDTE0MTEzMDIzMDAwMFowgc8xCzA\n' +
'JBgNVBAYTAkFUMYGLMIGIBgNVBAoegYAAQQAtAFQAcgB1AHMAdAAgAEcAZQBzAC4AIABmAPwAcg\n' +
'AgAFMAaQBjAGgAZQByAGgAZQBpAHQAcwBzAHkAcwB0AGUAbQBlACAAaQBtACAAZQBsAGUAawB0A\n' +
'HIALgAgAEQAYQB0AGUAbgB2AGUAcgBrAGUAaAByACAARwBtAGIASDEYMBYGA1UECxMPQS1UcnVz\n' +
'dC1RdWFsLTAxMRgwFgYDVQQDEw9BLVRydXN0LVF1YWwtMDEwggEiMA0GCSqGSIb3DQEBAQUAA4I\n' +
'BDwAwggEKAoIBAQCmhgdxIbxTGEOHfXGiewI3NFldAWKFWfLofO+5I1UbvA5avt7IgsGXz/tI/f\n' +
'5HGUbascI0i7xG0tqVlA5ctQgLRqxgxHtgTkMcqsAEYdsz3LZsCdXO1QrvEBGLTSABdxiL/gSWJ\n' +
'6z77CSwx7Xg02HwxPV82cjGkSF3ENGJntuIAAnRDWn/ORHjFatNRymoMbHaOEZXSGhf7Y5FrrHE\n' +
'qGyi9E6sv784De/T1aTvskn8cWeUmDzv//omiG/a/V9KQex/61XN8OthUQVnX+u/liL2NKx74I2\n' +
'C/GgHX5B0WkPNqsSOgmlvJ/cKuT0PveUgVFDAA0oYBgcE1KDMlBbN0kmPAgMBAAGjNjA0MA8GA1\n' +
'UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECEs8jB2F6W+tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9\n' +
'w0BAQUFAAOCAQEAIUusmJzMJRiQ8TAHrJAOelfuWoTGcqdIv7Tys/fNl2yF2fjvHT8J01aKialF\n' +
'VpbVeQ2XKb1O2bHOQYAKgsdZ2jZ/sdL2UVFRTHmidLu6PdgWCBRhJYQELQophO9QVvfhAA0TwbE\n' +
'SYqTz+nlI5Gr7CZe8f6HEmhJmCtUQsdQCufGglRh4T+tIGiNGcnyVEHZ93mSVepFr1VA29CTRPt\n' +
'euGjA81jeAz9peYiFE1CXvxK9cJiv0BcALFLWmADCoRLzIRZhA+sAwYUmwM1rqVCPA3kBQvIC95\n' +
'tyQvNy2dG0Vs+O6PwLaNX/suSlElQ06X2l1VwMaYb4vZKFqN0bOhBXEVg==\n' +
'-----END CERTIFICATE-----';
console.log(pem);
var cert = new jsrsasign.X509();
cert.readCertPEM(pem);
console.log(`issuer: ${cert.getIssuer()}`);
(venv) node@nodejs /u/h/node> node test/parser-3.js | openssl x509 -noout -text -nameopt multiline,show_type -certopt no_sigdump
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57923 (0xe243)
Signature Algorithm: sha1WithRSAEncryption
Issuer:
countryName = PRINTABLESTRING:AT
organizationName = BMPSTRING:A-Trust Ges. f\FCr Sicherheitssysteme im elektr. Datenverkehr GmbH
organizationalUnitName = PRINTABLESTRING:A-Trust-Qual-01
commonName = PRINTABLESTRING:A-Trust-Qual-01
Validity
Not Before: Nov 30 23:00:00 2004 GMT
Not After : Nov 30 23:00:00 2014 GMT
Subject:
countryName = PRINTABLESTRING:AT
organizationName = BMPSTRING:A-Trust Ges. f\FCr Sicherheitssysteme im elektr. Datenverkehr GmbH
organizationalUnitName = PRINTABLESTRING:A-Trust-Qual-01
commonName = PRINTABLESTRING:A-Trust-Qual-01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:86:07:71:21:bc:53:18:43:87:7d:71:a2:7b:
02:37:34:59:5d:01:62:85:59:f2:e8:7c:ef:b9:23:
55:1b:bc:0e:5a:be:de:c8:82:c1:97:cf:fb:48:fd:
fe:47:19:46:da:b1:c2:34:8b:bc:46:d2:da:95:94:
0e:5c:b5:08:0b:46:ac:60:c4:7b:60:4e:43:1c:aa:
c0:04:61:db:33:dc:b6:6c:09:d5:ce:d5:0a:ef:10:
11:8b:4d:20:01:77:18:8b:fe:04:96:27:ac:fb:ec:
24:b0:c7:b5:e0:d3:61:f0:c4:f5:7c:d9:c8:c6:91:
21:77:10:d1:89:9e:db:88:00:09:d1:0d:69:ff:39:
11:e3:15:ab:4d:47:29:a8:31:b1:da:38:46:57:48:
68:5f:ed:8e:45:ae:b1:c4:a8:6c:a2:f4:4e:ac:bf:
bf:38:0d:ef:d3:d5:a4:ef:b2:49:fc:71:67:94:98:
3c:ef:ff:fa:26:88:6f:da:fd:5f:4a:41:ec:7f:eb:
55:cd:f0:eb:61:51:05:67:5f:eb:bf:96:22:f6:34:
ac:7b:e0:8d:82:fc:68:07:5f:90:74:5a:43:cd:aa:
c4:8e:82:69:6f:27:f7:0a:b9:3d:0f:bd:e5:20:54:
50:c0:03:4a:18:06:07:04:d4:a0:cc:94:16:cd:d2:
49:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Subject Key Identifier:
4B:3C:8C:1D:85:E9:6F:AD
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
/usr/home/node/node_modules/jsrsasign/lib/jsrsasign.js:11936
return decodeURIComponent(hextouricmp(a))
^
URIError: URI malformed
at decodeURIComponent (<anonymous>)
at hextoutf8 (/usr/home/node/node_modules/jsrsasign/lib/jsrsasign.js:11936:12)
at X509.getAttrTypeAndValue (/usr/home/node/node_modules/jsrsasign/lib/jsrsasign.js:16056:19)
at X509.getRDN (/usr/home/node/node_modules/jsrsasign/lib/jsrsasign.js:16041:25)
at X509.getX500NameArray (/usr/home/node/node_modules/jsrsasign/lib/jsrsasign.js:16033:25)
at X509.getX500Name (/usr/home/node/node_modules/jsrsasign/lib/jsrsasign.js:16022:22)
at X509.getIssuer (/usr/home/node/node_modules/jsrsasign/lib/jsrsasign.js:15277:21)
at Object.<anonymous> (/usr/home/node/test/parser-3.js:31:29)
at Module._compile (node:internal/modules/cjs/loader:1108:14)
at Object.Module._extensions..js (node:internal/modules/cjs/loader:1137:10)