diff options
| author | Andrea De Pasquale <447065+adepasquale@users.noreply.github.com> | 2020-03-19 20:23:35 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-03-19 15:23:35 -0400 |
| commit | 87b2749c52e688c809f1861e55d958c64147493c (patch) | |
| tree | acb7980da6a59fb88961dc1c6b670064a5102d85 /src | |
| parent | 416d6856f19121c0102575a50bba6360c4708bb0 (diff) | |
| download | cryptography-87b2749c52e688c809f1861e55d958c64147493c.tar.gz cryptography-87b2749c52e688c809f1861e55d958c64147493c.tar.bz2 cryptography-87b2749c52e688c809f1861e55d958c64147493c.zip | |
Allow NameAttribute.value to be an empty string (#5109)
* Allow NameAttribute.value to be an empty string
RFC 4514 https://tools.ietf.org/html/rfc4514 does not mention that
"AttributeValue" can not be an empty (zero-length) string.
Fixes #5106
* reverse order to match fix from another PR
Co-authored-by: Paul Kehrer <paul.l.kehrer@gmail.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/cryptography/x509/name.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/cryptography/x509/name.py b/src/cryptography/x509/name.py index 922cab5a..6816e063 100644 --- a/src/cryptography/x509/name.py +++ b/src/cryptography/x509/name.py @@ -54,6 +54,9 @@ _NAMEOID_TO_NAME = { def _escape_dn_value(val): """Escape special characters in RFC4514 Distinguished Name value.""" + if not val: + return '' + # See https://tools.ietf.org/html/rfc4514#section-2.4 val = val.replace('\\', '\\\\') val = val.replace('"', '\\"') @@ -93,9 +96,6 @@ class NameAttribute(object): "Country name must be a 2 character country code" ) - if len(value) == 0: - raise ValueError("Value cannot be an empty string") - # The appropriate ASN1 string type varies by OID and is defined across # multiple RFCs including 2459, 3280, and 5280. In general UTF8String # is preferred (2459), but 3280 and 5280 specify several OIDs with |