diff options
author | Marko Kreen <markokr@gmail.com> | 2019-10-17 04:07:56 +0300 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2019-10-17 09:07:56 +0800 |
commit | 16d3ae1b8e96b4c112c0f17911b5d14f0ed20385 (patch) | |
tree | 3567fa8961570052934a15a8b40443278e7fa9e7 | |
parent | ae13fec7fcf795afc198a14daaaf6e33b0513647 (diff) | |
download | cryptography-16d3ae1b8e96b4c112c0f17911b5d14f0ed20385.tar.gz cryptography-16d3ae1b8e96b4c112c0f17911b5d14f0ed20385.tar.bz2 cryptography-16d3ae1b8e96b4c112c0f17911b5d14f0ed20385.zip |
UniversalString needs to be encoded as UCS-4 (#5000)
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/encode_asn1.py | 2 | ||||
-rw-r--r-- | tests/x509/test_x509.py | 17 |
2 files changed, 19 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/encode_asn1.py b/src/cryptography/hazmat/backends/openssl/encode_asn1.py index fc16a58b..ca35f0e7 100644 --- a/src/cryptography/hazmat/backends/openssl/encode_asn1.py +++ b/src/cryptography/hazmat/backends/openssl/encode_asn1.py @@ -121,6 +121,8 @@ def _encode_sk_name_entry(backend, attributes): def _encode_name_entry(backend, attribute): if attribute._type is _ASN1Type.BMPString: value = attribute.value.encode('utf_16_be') + elif attribute._type is _ASN1Type.UniversalString: + value = attribute.value.encode('utf_32_be') else: value = attribute.value.encode('utf8') diff --git a/tests/x509/test_x509.py b/tests/x509/test_x509.py index 07a6019b..fa3a41a7 100644 --- a/tests/x509/test_x509.py +++ b/tests/x509/test_x509.py @@ -4602,6 +4602,23 @@ class TestName(object): b"7000680079002e0069006f310d300b060355040a0c0450794341" ) + @pytest.mark.requires_backend_interface(interface=X509Backend) + def test_universalstring_bytes(self, backend): + # UniversalString is UCS-4 + name = x509.Name([ + x509.NameAttribute( + NameOID.COMMON_NAME, + u'cryptography.io', + _ASN1Type.UniversalString + ), + x509.NameAttribute(NameOID.ORGANIZATION_NAME, u'PyCA'), + ]) + assert name.public_bytes(backend) == binascii.unhexlify( + b"30563145304306035504031c3c00000063000000720000007900000070000000" + b"740000006f000000670000007200000061000000700000006800000079000000" + b"2e000000690000006f310d300b060355040a0c0450794341" + ) + @pytest.mark.supported( only_if=lambda backend: backend.ed25519_supported(), |