Skip to content

x509-cert: BMPString support for DirectoryString #1792

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Chaoses-Ib opened this issue May 2, 2025 · 0 comments · May be fixed by #1794
Open

x509-cert: BMPString support for DirectoryString #1792

Chaoses-Ib opened this issue May 2, 2025 · 0 comments · May be fixed by #1794

Comments

@Chaoses-Ib
Copy link

der already supports BmpString according to #693 (comment), but DirectoryString in x509-cert still doesn't:

formats/x509-cert/src/ext/pkix/name/dirstr.rs

Lines 39 to 55 in 217b6ef

/// The implication of the above paragraph is that `PrintableString` and
/// `UTF8String` are the new types and the other types are legacy. Until
/// the need arises, we only support `PrintableString` and `UTF8String`.
///
/// [RFC 5280 Section 4.2.1.4]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.4
#[derive(Clone, Debug, Eq, PartialEq, Choice, ValueOrd)]
#[allow(missing_docs)]
pub enum DirectoryString {
#[asn1(type = "PrintableString")]
PrintableString(PrintableString),
#[asn1(type = "TeletexString")]
TeletexString(TeletexString),
#[asn1(type = "UTF8String")]
Utf8String(String),
}

BmpString is still used by Windows when creating certs with non-ASCII strings. The lack of support for BmpString makes x509-cert unable to read non-ASCII names from those certs.

Sample cert:

-----BEGIN CERTIFICATE-----
MIIDSDCCAjCgAwIBAgIQKPABcjfrcIpG1K6NEhSpIjANBgkqhkiG9w0BAQUFADBN
MUswSQYDVQQDHkIAVwBEAEsAVABlAHMAdABDAGUAcgB0ACBt92yMACwAMQAzADMA
OQAwADYANwAxADYAMwA5ADAAOAAzADMAMQA5ADMwHhcNMjUwNTAyMTUwMDM5WhcN
MzUwNTAyMDAwMDAwWjBNMUswSQYDVQQDHkIAVwBEAEsAVABlAHMAdABDAGUAcgB0
ACBt92yMACwAMQAzADMAOQAwADYANwAxADYAMwA5ADAAOAAzADMAMQA5ADMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlgz7PDdlf6UzTtcWMRpaGGCdg
KYQOBOJWg6lnTQMxALfWD2bzVrbLM8N2HlMUi1AhDmr3EX6xgFi3gdXB9DgZKwEB
C1yq9CtU3QEyb/BKdsSaBasZPwfNEak8shAacvi0ssDhd05CIPYpvAlyO1RP1+m9
g3LaHaTYnlPM1PYGr3yJ8qMprGsMepgrLf1AlHQRhWyEml5C0s/1WaflYo/NJnBy
thyxksCEM2+AeO8A6CtwkL1yL47i6WImqk68NbeDiYalGwFt1Nb1Yd8PVbE7FT36
4vdMJ7jdQxzsCDiIq+KORZGSF/nVVpDeWRy8W0YtcfQ0LRbpIdEpRJOpK2UZAgMB
AAGjJDAiMAsGA1UdDwQEAwIEMDATBgNVHSUEDDAKBggrBgEFBQcDAzANBgkqhkiG
9w0BAQUFAAOCAQEAycUVQ5SKUGsdQL5hkvJchs5I43/zEfEHRaT75lYlMn2lAMsa
qX4vDBanWs0no9+0/7j0hPRBamNZGFThE6MswXcYdJrxhfp0ZjHntK0IMWO8riVO
Y6O/4xHF8rUPQkOBFIcRBF19Ads2Qdfgtjzc+288YRCLiZ4TmWjYlg9TVst7x/Fo
Hl1xH2Nbvm8AYPX9iPoqEzbq9aPy2MWi9Pf+R0lfqAjsdvj85A4dZKD2ovjOYzPX
PBSJQizmCHjovucot2iB5MumoSGloHbIFZl2fe/2jqDjPwX4wDoYO94kenlhxedo
lX4Tf6VRXWA0hVpJiE7NQMaVtO6rO/5P0pE1Pg==
-----END CERTIFICATE-----
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

x509-cert: add DirectoryString::BmpString dishmaker/formats
1 participant
@Chaoses-Ib