Name: add support for multi-value RDNs (#3202)

Update the Name class to accept and internally store a list of RelativeDistinguishedName objects. Add the 'rdns' attribute to give access to the RDNs. Update ASN.1 routines to correctly decode and encode multi-value RDNs. Fixes: https://github.com/pyca/cryptography/issues/3199
author: Fraser Tweedale <frase@frase.id.au> 2016-11-12 01:28:56 +1000
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2016-11-11 07:28:56 -0800
commit: 01ee6f5e391eee76e6cd3062de8fc84851bd06e3 (patch)
tree: 3309443a73201bcec03c5bb14df019e49eae798c /src/cryptography/hazmat/backends/openssl/decode_asn1.py
parent: 44eb89e911db7298a29640c9073c9e2ff4d5f806 (diff)
download: cryptography-01ee6f5e391eee76e6cd3062de8fc84851bd06e3.tar.gz
cryptography-01ee6f5e391eee76e6cd3062de8fc84851bd06e3.tar.bz2
cryptography-01ee6f5e391eee76e6cd3062de8fc84851bd06e3.zip
1 files changed, 12 insertions, 4 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/decode_asn1.py b/src/cryptography/hazmat/backends/openssl/decode_asn1.py
index f8e8c95c..2cbc349e 100644
--- a/src/cryptography/hazmat/backends/openssl/decode_asn1.py
+++ b/src/cryptography/hazmat/backends/openssl/decode_asn1.py
@@ -45,11 +45,19 @@ def _decode_x509_name_entry(backend, x509_name_entry):
 def _decode_x509_name(backend, x509_name):
     count = backend._lib.X509_NAME_entry_count(x509_name)
     attributes = []
+    prev_set_id = -1
     for x in range(count):
         entry = backend._lib.X509_NAME_get_entry(x509_name, x)
-        attributes.append(_decode_x509_name_entry(backend, entry))
+        attribute = _decode_x509_name_entry(backend, entry)
+        set_id = backend._lib.Cryptography_X509_NAME_ENTRY_set(entry)
+        if set_id != prev_set_id:
+            attributes.append(set([attribute]))
+        else:
+            # is in the same RDN a previous entry
+            attributes[-1].add(attribute)
+        prev_set_id = set_id
 
-    return x509.Name(attributes)
+    return x509.Name(x509.RelativeDistinguishedName(rdn) for rdn in attributes)
 
 
 def _decode_general_names(backend, gns):
@@ -552,13 +560,13 @@ def _decode_crl_distribution_points(backend, cdps):
             else:
                 rns = cdp.distpoint.name.relativename
                 rnum = backend._lib.sk_X509_NAME_ENTRY_num(rns)
-                attributes = []
+                attributes = set()
                 for i in range(rnum):
                     rn = backend._lib.sk_X509_NAME_ENTRY_value(
                         rns, i
                     )
                     backend.openssl_assert(rn != backend._ffi.NULL)
-                    attributes.append(
+                    attributes.add(
                         _decode_x509_name_entry(backend, rn)
                     )
author	Fraser Tweedale <frase@frase.id.au>	2016-11-12 01:28:56 +1000
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2016-11-11 07:28:56 -0800
commit	01ee6f5e391eee76e6cd3062de8fc84851bd06e3 (patch)
tree	3309443a73201bcec03c5bb14df019e49eae798c /src/cryptography/hazmat/backends/openssl/decode_asn1.py
parent	44eb89e911db7298a29640c9073c9e2ff4d5f806 (diff)
download	cryptography-01ee6f5e391eee76e6cd3062de8fc84851bd06e3.tar.gz cryptography-01ee6f5e391eee76e6cd3062de8fc84851bd06e3.tar.bz2 cryptography-01ee6f5e391eee76e6cd3062de8fc84851bd06e3.zip