diff --git a/Core/Security/m2crypto/__init__.py b/Core/Security/m2crypto/__init__.py
index b88c275f155..016b6709354 100644
--- a/Core/Security/m2crypto/__init__.py
+++ b/Core/Security/m2crypto/__init__.py
@@ -11,10 +11,16 @@
 VOMS_FQANS_OID = '1.3.6.1.4.1.8005.100.100.4'
 VOMS_EXTENSION_OID = '1.3.6.1.4.1.8005.100.100.5'
 VOMS_TAGS_EXT_OID = '1.3.6.1.4.1.8005.100.100.11'
-ORGANIZATIONAL_UNIT_NAME_OID = '2.5.4.11'
 COMMON_NAME_OID = '2.5.4.3'
+SURNAME_OID = '2.5.4.4'
+SERIALNUMBER_OID = '2.5.4.5'
 COUNTRY_NAME = '2.5.4.6'
+LOCALITY_NAME = '2.5.4.7'
+STATE_OR_PROVINCE_NAME = '2.5.4.8'
 ORGANIZATION_NAME = '2.5.4.10'
+ORGANIZATIONAL_UNIT_NAME_OID = '2.5.4.11'
+TITLE_OID = '2.5.4.12'
+GIVEN_NAME_OID = '2.5.4.42'
 # See https://tools.ietf.org/html/rfc3820#appendix-A
@@ -27,6 +33,12 @@
 COMMON_NAME_OID: '/CN=',
 COUNTRY_NAME: '/C=',
 DOMAIN_COMPONENT_OID: '/DC=',
+ GIVEN_NAME_OID: '/G=',
+ LOCALITY_NAME: '/L=',
 ORGANIZATION_NAME: '/O=',
 ORGANIZATIONAL_UNIT_NAME_OID: '/OU=',
+ SERIALNUMBER_OID: '/SERIALNUMBER=',
+ STATE_OR_PROVINCE_NAME: '/ST=',
+ SURNAME_OID: '/SN=',
+ TITLE_OID: '/T=',
 }
diff --git a/Core/Security/m2crypto/asn1_utils.py b/Core/Security/m2crypto/asn1_utils.py
index b79dba29dd6..5d56590eddf 100644
--- a/Core/Security/m2crypto/asn1_utils.py
+++ b/Core/Security/m2crypto/asn1_utils.py
@@ -90,10 +90,15 @@ def decodeDIRACGroup(m2cert):
 def _decodeASN1String(rdnNameAttrValue):
 """ Tries to decode a string encoded with the following type:
- * UTF8String
- * PrintableString
+ * BMPString
 * IA5String
+ * PrintableString
+ * TeletexString
+ * UTF8String
+ Most of these types come from the definition of the issuer field in RFC3280:
+ * The basic attributes, defined as DirectoryString (4.1.2.4 Issuer)
+ * the optional attributes (Appendix A. Psuedo-ASN.1 Structures and OIDs)
 This utility function is needed for 2 reasons:
 * Not all the attributes are encoded the same way, and as we do not want to bother
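Review bot: The added names `LOCALITY_NAME` and `STATE_OR_PROVINCE_NAME` drop the `_OID` suffix that `SURNAME_OID`, `TITLE_OID` and `GIVEN_NAME_OID` in the same hunk carry, so the block now mixes two naming styles for the same kind of constant. They follow the existing `COUNTRY_NAME` and `ORGANIZATION_NAME`, but a one-line comment above the block, such as `# X.520 attribute type OIDs (2.5.4.x), kept in numeric order`, would record both the convention and the ordering this change introduces.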
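Review bot: The new DN labels `/G=`, `/T=` and `/SERIALNUMBER=` are added without stating which tool's string form they are meant to reproduce. If this mapping builds the DN string that is later compared with registered user or host DNs (its consumers are outside this hunk), a label that differs from the reference form silently changes which identity a certificate resolves to. As far as I know, OpenSSL's one-line output prints givenName as `GN` and title as `title`, so please confirm the intended form. I would add a comment above the dict, e.g. `# Labels must match the DN strings stored in the registry (reference: <tool/format placeholder>)`, and a unit test that checks the produced string against a known certificate.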
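Review bot: The added docstring cites RFC3280 and misspells "Pseudo" as `Psuedo` in the appendix title. RFC 3280 has been obsoleted by RFC 5280, so the reference would read better as `RFC5280 (4.1.2.4 Issuer)`; I believe the section number is unchanged, but please check. The docstring lists the types alphabetically while the loop in the following hunk tries them in a different order, so one sentence saying whether the order matters would help. The function body continues outside this hunk.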
@@ -107,7 +112,12 @@ def _decodeASN1String(rdnNameAttrValue):
 :returns: the decoded value or raises PyAsn1Error if nothing worked
 """
- for decodeType in (asn1char.UTF8String, asn1char.PrintableString, asn1char.IA5String):
+ for decodeType in (
+ asn1char.UTF8String,
+ asn1char.PrintableString,
+ asn1char.IA5String,
+ asn1char.TeletexString,
+ asn1char.BMPString):
 try:
 attrValStr, _rest = der_decode(rdnNameAttrValue, decodeType())
 # Decoding error, try the next type
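Review bot: UniversalString is the one DirectoryString alternative still missing from the tuple, so a certificate whose name attribute uses it would still end in PyAsn1Error although the docstring now refers to DirectoryString; adding `asn1char.UniversalString,` closes that gap. Separately, `_rest` returned by `der_decode` is discarded on the line below the tuple, so an attribute value with trailing bytes after the string is accepted as if it were clean. The decoded text presumably ends up in the DN used for identity decisions, so a guard such as `if _rest: raise PyAsn1Error('trailing data in attribute value')` is worth adding. The loop's except clause and the rest of the function are outside this hunk, so confirm how that raise interacts with the handler before adopting it.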