Appendix A. Characters in CORE Names

CORE CORE allows using a subset of the ASCII printable characters (character code 32-127), including the following:

  • Digits (0 - 9) and letters (A - Z, a - z).
  • A subset of special characters that are neither letters nor digits.

Using the extended character codes (128-255), such as various currency signs (e.g. €, £, ¥), is not allowed.

In addition, UTF-8 encoded characters may be used in the following CORE entity names:

  • Partitions
  • Roles
  • Groups

Special Characters in UCL

UCLClosedUnbound Command Language commands are executed by the CLIClosedCommand Line Interface shell of the hosting OS. Characters that have special meaning in the CLIClosedCommand Line Interface shell must be escaped using the shell-specific escape character.

For example, is a common practice to use "!","$", and "%" in user passwords. However, "!" followed by a character triggers bash history function. It is OK to use Password1! because "!" is the last character in the string, but to use Password1!!! you have two options:

  • Escape all "!" except the last one: Password1\!\!!
  • Escape the complete string: 'Password1!!!'

Case Sensitivity in CORE Entity Names

  • Names of the following CORE entities are case-sensitive:
    • Keys
    • Certificates
    • Secrets
  • Names of the following CORE entities are case-insensitive:
    • Hostnames
    • Partitions
    • Clients
    • Users
    • Roles
    • Groups
    • Keystore names

Hostname Special Characters

The only permitted special character is dash (-).

Keystore Name Characters

Keystore name:

  • Must include at least one letter or character.
  • Must contain less than 256 characters.
  • Must not include space.
  • The only permitted special characters are: 
    • Underscore (_)
    • Dash (-)
    • Dot (.)

Keyname Permitted Characters

  1. Names of keys that are located in external keystores must comply with the external keystore requirements.
  2. A name of key, secret, or certificate that is located in CORE only can contain any ASCII printable character.
  3. However, for compatibility with certain PKCSClosedPublic-Key Cryptography Standards - Industry-standard cryptography specifications.#11 implementations, UCLClosedUnbound Command Language presents the name of a key that has special characters as follows:

    • Name with the following special characters is presented "as is" (using printable characters): 
      • Ampersand (@)
      • Dash (-)
      • Dot (.)
      • Space, if the name is escaped by a pair of 'single quotes'.
    • Name with any other special character is presented using the ASCII encoding of all characters in the name, prefixed with "0x". ". For example, a key named "a_b" is presented using the three characters' hexadecimal encoding "0x615f62"..

    CORE UI presents all characters as-is.

Key-group Name Characters

Key-group names are:

  • Trimmed from leading and trailing spaces.
  • Can't contain the space character.

Client Name Characters

Client name may contain

  • Letters 'a' through 'z' (case-insensitive)
  • Digits '0' through '9'
  • Dash (-)
  • Underscore (_)

Username Characters

A user name can contain any ASCII printable character except for the following:

  • Space or question mark ( ), (?)
  • Forward or backward slash (/), (\)
  • Left-square or right-square bracket ([), (])
  • Left-angle or right-angle bracket (<), (>)
  • Colon or semicolon (:), (;)
  • Equal or plus sign (=), (+)
  • Asterisk, double-quote, or ampersand (*), ("), (@)
  • Delete

Password Characters

User passwords may contain any ASCII printable characters (character code 32-127) except SPACE and DELETE characters.

All special characters are permitted, however, only these ones are counted as mandatory special characters:

@ # $ % ^ & + = !

It is a common practice to use "!", "$", and "%" in user passwords. Yet, these characters may have special meaning in the OS shell that executes the CORE CLIClosedCommand Line Interface commands. To use passwords as script variables, enclose them in single quotes: --password '<Password>', escape using backslash Password1\!\!, or use any other method specified by the OS shell.

REST URI Characters

Special characters provided in the HTTP headers of the CORE RESTClosedRepresentational State Transfer (REST) - an architectural style that defines a set of constraints and properties based on HTTP. Web Services that conform to the REST architectural style, or RESTful web services, provide interoperability between computer systems on the Internet. calls must comply with the URI Percent-encoding requirements.

For example:

In particular, character % must be replaced with its URI encoding %25.

CSR Distinguished Name Special Characters

CSRClosedCertificate Signing Request - a message sent from an applicant to a certificate authority in order to apply for a digital identity certificate Distinguished Name (DNAME) includes the following components:

  • CN: CommonName
  • OU: OrganizationalUnit
  • O: Organization
  • L: Locality
  • S: StateOrProvinceName
  • C: CountryName

A DNAME is a string of these component-value pairs separated by a comma. For example:

"CN=Provider, OU=Support&Sales, O=AB&C Ltd., L=St. Louis, ST=Missouri, C=US"

Note that

  • Components are separated by the comma (,) character.
  • Spaces, dots, and other characters (&) can be used in the value part of each component.
  • Note
    Because the comma and double-quote characters are used as the separators, their use in the value part has to be escaped. For example, O=AB&C, Ltd. must be encoded as O=AB&C\, Ltd.

The following characters in the value part of the component-value pair must be escaped using the backward slash (\):

  • Comma (,)
  • Backward slash (\)
  • Left-angle or right-angle bracket (<), (>)
  • Semicolon (;)
  • Equal or plus sign (=), (+)
  • Double-quote (")