[Pki-devel] [PATCH] PKCS10Client enhancement

Ade Lee alee at redhat.com
Thu Aug 15 16:47:29 UTC 2013 

Couple of questions:

1. I am assuming that ":" is not a valid  character in each of the
subject name fields, right?

2. Is the format "cn=UTF8String:aa,ou=BMPString:bb,o=cc" a standard way
of specifying this type of thing?  If not, is there a standard way of
specifying subject names with multiple encodings? (and why would anyone
do that?)

3. Right now, if someone puts in an incorrect encoding, the element will
silently fail to be added to the subject name.  Is this what we want?
Do we rather want to throw an exception and notify the user?

4. Similarly, in addNameElement, we catch the exception and just print
out an error message.  Do we want to rather bubble up the exception and
abort?

5. Does it make sense to add logic to addNameElement() to default to
PrintableString in the case that n=0, and then just eliminate the calls
to the old functions?

For example, instead of :

               if (split[0].equals("O")) {
                    if (n > 0) {
                        ret = addNameElement (ret, Name.organizationName, n, split[1]);
                    } else {
                        ret.addOrganizationName(split[1]);
                    }
                    //                System.out.println("O found : " + split[1]);
                    continue;
               }

have: 
               if (split[0].equals("O")) {
                    ret = addNameElement (ret, Name.organizationName, n, split[1]);
                    // System.out.println("O found : " + split[1]);
                    continue;
               }

and remove the function addOrganizationName() etc.  In fact, it probably
make sense to just compute n in the addNameElement() function, rather
than passing it.  

6.  Please add some comments above the addNameElement() function to
describe what is going on. (maybe referencing the ticket number).

7.  In the diff at least, it looks like the System.out.println()
statements are a little offset.  I know they are not in your code
changes, but please fix them while we are there.

Thanks, 
Ade
 
On Wed, 2013-08-14 at 17:08 -0700, Andrew Wnuk wrote:
> 
> This patch provides enhancement to PKCS10Client allowing to control
> encoding for components of the subject name. 
> 
> Ticket #677
> 
> More details included in comment #2 of ticket #677.
> Testing procedure included in comment #4 of ticket #677.
> 
> 
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel

More information about the Pki-devel mailing list