diff options
author | wbond <will@wbond.net> | 2019-10-01 00:53:21 -0400 |
---|---|---|
committer | wbond <will@wbond.net> | 2019-10-01 00:53:21 -0400 |
commit | 4a0b9718208e1e4619ee90e2f99237bb007ac480 (patch) | |
tree | 6b4300e5768579ea25cdcb6ca1020c97352ef764 /asn1crypto | |
parent | 011ab06123a33e914262617d6a784c1d95d53f0f (diff) | |
download | asn1crypto-4a0b9718208e1e4619ee90e2f99237bb007ac480.tar.gz |
Allow X.509 certificates with improperly encoded DNSName and EmailAddress
Diffstat (limited to 'asn1crypto')
-rw-r--r-- | asn1crypto/core.py | 23 | ||||
-rw-r--r-- | asn1crypto/x509.py | 6 |
2 files changed, 17 insertions, 12 deletions
diff --git a/asn1crypto/core.py b/asn1crypto/core.py index 1f5eddd..933f8ca 100644 --- a/asn1crypto/core.py +++ b/asn1crypto/core.py @@ -5537,15 +5537,20 @@ def _build(class_, method, tag, header, contents, trailer, spec=None, spec_param else: value.method = method value._indefinite = True - if tag != value.tag and tag != value._bad_tag: - raise ValueError(unwrap( - ''' - Error parsing %s - tag should have been %s, but %s was found - ''', - type_name(value), - value.tag, - tag - )) + if tag != value.tag: + if isinstance(value._bad_tag, tuple): + is_bad_tag = tag in value._bad_tag + else: + is_bad_tag = tag == value._bad_tag + if not is_bad_tag: + raise ValueError(unwrap( + ''' + Error parsing %s - tag should have been %s, but %s was found + ''', + type_name(value), + value.tag, + tag + )) # For explicitly tagged, un-speced parsings, we use a generic container # since we will be parsing the contents and discarding the outer object diff --git a/asn1crypto/x509.py b/asn1crypto/x509.py index 9e4550e..8341bb2 100644 --- a/asn1crypto/x509.py +++ b/asn1crypto/x509.py @@ -71,7 +71,7 @@ from .util import int_to_bytes, int_from_bytes, inet_ntop, inet_pton class DNSName(IA5String): _encoding = 'idna' - _bad_tag = 19 + _bad_tag = (12, 19) def __ne__(self, other): return not self == other @@ -185,8 +185,8 @@ class EmailAddress(IA5String): # If the value has gone through the .set() method, thus normalizing it _normalized = False - # In the wild we've seen this encoded as a PrintableString - _bad_tag = 19 + # In the wild we've seen this encoded as a UTF8String and PrintableString + _bad_tag = (12, 19) @property def contents(self): |