From 2426817cd5f2a7d0ba5f996cc1b5de4eb90bf5d5 Mon Sep 17 00:00:00 2001
From: Andrew Ayer <agwa@andrewayer.name>
Date: Sun, 24 Apr 2016 09:11:28 -0700
Subject: [PATCH] Raise parse error if certain strings are improperly encoded

If a UTF8String in the Subject CN isn't valid UTF-8, or if a DNS SAN is
not ASCII, raise a parse error, since we don't know how to interpret
the string.
---
 asn1.go |  4 ++++
 x509.go | 12 ++++++++++++
 2 files changed, 16 insertions(+)

diff --git a/asn1.go b/asn1.go
index 69fac2b..be2141b 100644
--- a/asn1.go
+++ b/asn1.go
@@ -5,6 +5,7 @@ import (
 	"bytes"
 	"encoding/binary"
 	"encoding/asn1"
+	"unicode/utf8"
 )
 
 func stringFromByteSlice (chars []byte) string {
@@ -35,6 +36,9 @@ func decodeASN1String (value *asn1.RawValue) (string, error) {
 	if !value.IsCompound && value.Class == 0 {
 		if value.Tag == 12 {
 			// UTF8String
+			if !utf8.Valid(value.Bytes) {
+				return "", errors.New("Malformed UTF8String")
+			}
 			return string(value.Bytes), nil
 		} else if value.Tag == 19 || value.Tag == 22 || value.Tag == 20 {
 			// * PrintableString - subset of ASCII
diff --git a/x509.go b/x509.go
index 50c5e48..ec4060d 100644
--- a/x509.go
+++ b/x509.go
@@ -280,6 +280,15 @@ func (cert *Certificate) ParseTBSCertificate () (*TBSCertificate, error) {
 }
 
 
+func isAscii (bytes []byte) bool {
+	for _, b := range bytes {
+		if b > 127 {
+			return false
+		}
+	}
+	return true
+}
+
 func parseSANExtension (value []byte) ([]string, error) {
 	var dnsNames []string
 	var seq asn1.RawValue
@@ -306,6 +315,9 @@ func parseSANExtension (value []byte) ([]string, error) {
 		}
 		switch val.Tag {
 		case 2:
+			if !isAscii(val.Bytes) {
+				return nil, errors.New("failed to parse subjectAltName: DNS name contains non-ASCII characters")
+			}
 			dnsNames = append(dnsNames, string(val.Bytes))
 		}
 	}