diff options
author | Thomas Erbesdobler <t.erbesdobler@gmx.de> | 2020-03-03 03:26:07 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-03-02 21:26:07 -0500 |
commit | ed71c5cc07e4a0bb7a58f4e0731e5af3d4d4aa53 (patch) | |
tree | 4dd0830c94c9ecbe908a8a078b6851f5c60bca6d /src/cryptography/x509/name.py | |
parent | d12fd8d1c2851cec4af76d77b9ef7beaa83e837c (diff) | |
download | cryptography-ed71c5cc07e4a0bb7a58f4e0731e5af3d4d4aa53.tar.gz cryptography-ed71c5cc07e4a0bb7a58f4e0731e5af3d4d4aa53.tar.bz2 cryptography-ed71c5cc07e4a0bb7a58f4e0731e5af3d4d4aa53.zip |
Reversed the order of RDNs in x509.Name.rfc4514_string() (#5120)
RFC4514 requires in section 2.1 that RDNs are converted to string
representation in reversed order.
Diffstat (limited to 'src/cryptography/x509/name.py')
-rw-r--r-- | src/cryptography/x509/name.py | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/src/cryptography/x509/name.py b/src/cryptography/x509/name.py index 0d58acdd..922cab5a 100644 --- a/src/cryptography/x509/name.py +++ b/src/cryptography/x509/name.py @@ -216,9 +216,11 @@ class Name(object): An X.509 name is a two-level structure: a list of sets of attributes. Each list element is separated by ',' and within each list element, set elements are separated by '+'. The latter is almost never used in - real world certificates. + real world certificates. According to RFC4514 section 2.1 the + RDNSequence must be reversed when converting to string representation. """ - return ','.join(attr.rfc4514_string() for attr in self._attributes) + return ','.join( + attr.rfc4514_string() for attr in reversed(self._attributes)) def get_attributes_for_oid(self, oid): return [i for i in self if i.oid == oid] @@ -253,7 +255,9 @@ class Name(object): return sum(len(rdn) for rdn in self._attributes) def __repr__(self): + rdns = ','.join(attr.rfc4514_string() for attr in self._attributes) + if six.PY2: - return "<Name({})>".format(self.rfc4514_string().encode('utf8')) + return "<Name({})>".format(rdns.encode('utf8')) else: - return "<Name({})>".format(self.rfc4514_string()) + return "<Name({})>".format(rdns) |