char encoding used in individual fields of certificate

Question

Its not clear to me where does the information of character encoding (AsciiString, BMPString, UTF8String etc) used inside the individual fields of an X509 certificate (common name etc. rfc 5280 ) comes from. We definitely can't be sure just looking at the individual character stream ( unless it's Unicode ). Does x509 certificate contains information about character encoding elsewhere?

Answer 1

The standard specifies what each field is or can be, charset wise. And that pretty much defines it.

Furthermore - if you access a field you in essence get to see the type it was actually encoded as. So you know that what follows is UTF8, etc.

And the API absolves you from all control - so a GENERAL_NAME just breaks up into things like the field specifying objects (e.g. commonName, etc) - and the field values (e.g. a UTF8 coded name of a person). Likewise for a URI or email address - and the more contrained value that goes with that. And you get informed (obj->type) as to what it is (ASN1_UTF8STRING, etc).

So each time - what you get back is the string and how it was encoded.