trailing extra characters in cert extension subjectKeyIdentifier #2
Description
Hi,
I was trying to use your node module for parsing a 509 certificate, pull the extension part of it and look for subjectKeyIdentifier value of it.
However, from time to time i am seeing extra trailing characters in that attribute, is it present in the cert itself or it is a bug ?
Problematic attribute:
"subjectKeyIdentifier":"86:12:8C:4C:0A:69:D6:0A:63:34:C9:C6:A7:76:10:FA:70:35:59:D4\u0002\u0001"
from logs:
-----BEGIN CERTIFICATE-----
MIIEoDCCAwigAwIBAgIETOX2GjANBgkqhkiG9w0BAQsFADB8MQswCQYDVQQGEwJD
QTEbMBkGA1UECgwSQmxhY2tCZXJyeSBMaW1pdGVkMR4wHAYDVQQLDBVCbGFja0Jl
cnJ5IENpcnJ1cyBQS0kxMDAuBgNVBAMMJ0JsYWNrQmVycnkgQ2lycnVzIFJTQSBJ
bnRlcm1lZGlhdGUgQ0EgMTAeFw0xNTA0MTUxOTAwMDBaFw0zNDA3MDcxNzI1NTNa
MFoxCzAJBgNVBAYTAkNBMSEwHwYDVQQDExhBdkVOZVhsK2J4V2YyazRUWWk3UWVy
MD0xEzARBgNVBAsTCkVUUjYwNzU4NzMxEzARBgNVBAoTCjEyMzQ1Njc4OTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDChS0NECSlTzMeQ1MRC1OrnXIa
pBGWF6NXtLicaeJ7NS4ndV9MLaU0FMVwnN7C9E4cn7IIyoawVICR6jhgnTJPcMeu
30j8+I6AkjHLx0v+EGuyT2q7s9Dhqau0uo/nHurHP7ZUlH/60EKuNaTOTH8Gh0Os
XDPqPt7lzkTJrxEUg6V4l+1ocdKgfbmJQFFT2KdQ6t08+UPecxfrOHsOqMkDNkAt
jSWBOq7nl1RuUGje2x/hj1YePbhlGwIOdBE1Vx0hvHY0LEOsITpABmyxX/xhH29E
Rr51ANeur7o8TWEgNVD1/kSYR0l5uVH2hDnab/7SAAu0Cu3nQjAKE8ZKjAm1AgMB
AAGjgcswgcgwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBLAwHQYDVR0OBBYE
FIYSjEwKadYKYzTJxqd2EPpwNVnUMB8GA1UdIwQYMBaAFHLDh4vCJ2JpnLSNlDqz
xYNgwtG3MFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9wa2kuc2VydmljZXMuYmxh
Y2tiZXJyeS5jb20vcHRvZS9yYS9jcmwvY2lycnVzLXJzYS1pY2EtMTAWBgNVHSUB
Af8EDDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAYEASe5bINI6GJYcPu9q
n4Ayg50mLd+PZtj3UE/x+GBJ6ntghNVV+jKpwDSvbzeXND9rKX2t6XCaCc2LpKYM
o7O1mpElodI13QzTmNJVIN4cVvc6sSF4JD641ZYz8GdFqOK3ikK/sK8Lcqi7WcxK
zZl7IXbGWzkdn6Q/uTuOIZQY8wo7xppXO6ar7zqbZBZnnatzlWUO/VVuaXoF9NHj
kQDH9tc3zO9Y1RMHTnqlo0uvRbFDGT2DBB2j7/uSGem1t0ZN/6vqdrUkDeclRxB3
X9wgxVDmvNvkKLWC9+PdtqTzMCSQs/j5cX8ADDkHmc+o9WAg+g9vZ3Q8gw8edg84
J6tQ0dKZwC6sFNBzeXpFLFSTe4LRju43DRe7MILrJh2b3b/ttZkC/rBmU8LJkPEz
EpvUJGvpma+3Kk+yNFQ30DdEH4b+a3Xr6MaPKiXaKWZ4eH+3m+ABBATlsEaeilbd
1SXmEryiqWzorTrWgjjtoWcb/X8fcIP8zSPyuq6E8dnk1KDI
-----END CERTIFICATE-----
[2015-04-16T20:45:18.600Z] DEBUG: CERT PARSED : {"version":2,"subject":{"countryName":"CA","commonName":"AvENeXl+bxWf2k4TYi7Qer0=","organizationalUnitName":"ETR6075873","organizationName":"1234567890"},"issuer":{"countryName":"CA","organizationName":"BlackBerry Limited","organizationalUnitName":"BlackBerry Cirrus PKI","commonName":"BlackBerry Cirrus RSA Intermediate CA 1"},"serial":"4CE5F61A","notBefore":"2015-04-15T19:00:00.000Z","notAfter":"2034-07-07T17:25:53.000Z","signatureAlgorithm":"sha256WithRSAEncryption","fingerPrint":"44:2A:28:A3:63:01:4A:AC:E5:65:3E:7A:BA:BA:11:D4:99:90:4D:D6","publicKey":{"algorithm":"rsaEncryption","e":"65537","n":"C2852D0D1024A54F331E4353110B53AB9D721AA4119617A357B4B89C69E27B352E27755F4C2DA53414C5709CDEC2F44E1C9FB208CA86B0548091EA38609D324F70C7AEDF48FCF88E809231CBC74BFE106BB24F6ABBB3D0E1A9ABB4BA8FE71EEAC73FB654947FFAD042AE35A4CE4C7F068743AC5C33EA3EDEE5CE44C9AF111483A57897ED6871D2A07DB989405153D8A750EADD3CF943DE7317EB387B0EA8C90336402D8D25813AAEE797546E5068DEDB1FE18F561E3DB8651B020E741135571D21BC76342C43AC213A40066CB15FFC611F6F4446BE7500D7AEAFBA3C4D61203550F5FE4498474979B951F68439DA6FFED2000BB40AEDE742300A13C64A8C09B5"},"altNames":[],"extensions":{"basicConstraints":"CA:FALSE","keyUsage":"Digital Signature, Key Encipherment, Data Encipherment","subjectKeyIdentifier":"86:12:8C:4C:0A:69:D6:0A:63:34:C9:C6:A7:76:10:FA:70:35:59:D4\u0002\u0001","authorityKeyIdentifier":"keyid:72:C3:87:8B:C2:27:62:69:9C:B4:8D:94:3A:B3:C5:83:60:C2:D1:B7","cRLDistributionPoints":"\nFull Name:\n URI:http://pki.services.blackberry.com/ptoe/ra/crl/cirrus-rsa-ica-1","extendedKeyUsage":"TLS Web Client Authentication"}} (topic=applog, ecosystem=dev, system_scope=true, service_scope=true, requestId=034af50b-ae8b-472b-8c7c-66b30786b4b6)