bc-java icon indicating copy to clipboard operation
bc-java copied to clipboard
verified publisher icon bcgit

Only ST, not S and SP accepted for State or Province,

Open owlstead opened this issue 3 years ago • 2 comments

Currently the code that parses the Distinguished Name (DN) in the Bouncy Castle certificate parser is only able to recognize ST for State or Province. Although this is the preferred identifier, the older S and SP should also be recognized. Currently I have received a certificate that uses S instead of ST, and when I try to retrieve the field BC will try and retrieve it using the OID (2.5.4.8). However, that will return null - and I don't see any other way to directly access S or SP.

This seems to go for most X500 "styles" such as BCStyle:

public static final ASN1ObjectIdentifier ST = new ASN1ObjectIdentifier("2.5.4.8").intern();

owlstead avatar Dec 12 '22 15:12 owlstead

The certificate can't be using S or ST it will be using the OID "2.5.4.8". You are welcome to parse string representations as you wish.

dghgit avatar May 20 '23 06:05 dghgit

@owlstead @dghgit can this issue be closed?

winfriedgerlach avatar Jan 10 '25 22:01 winfriedgerlach