diff options
| author | Andrew Kelley <andrew@ziglang.org> | 2023-01-16 21:47:15 -0700 |
|---|---|---|
| committer | Andrew Kelley <andrew@ziglang.org> | 2023-01-17 00:09:34 -0700 |
| commit | 7623f3fad0f077d06ffef9eccdf77cb847e14f35 (patch) | |
| tree | 41bfe6a17b8b9c33b1ec9cfb7927ff129945f135 | |
| parent | 86308ba1e11a083f4ec91cf3b0e81a791892f851 (diff) | |
| download | zig-7623f3fad0f077d06ffef9eccdf77cb847e14f35.tar.gz zig-7623f3fad0f077d06ffef9eccdf77cb847e14f35.zip | |
std.crypto.Certificate: skip unknown attributes
| -rw-r--r-- | lib/std/crypto/Certificate.zig | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/lib/std/crypto/Certificate.zig b/lib/std/crypto/Certificate.zig index 835232a36a..5785b40433 100644 --- a/lib/std/crypto/Certificate.zig +++ b/lib/std/crypto/Certificate.zig @@ -61,8 +61,10 @@ pub const Attribute = enum { countryName, localityName, stateOrProvinceName, + streetAddress, organizationName, organizationalUnitName, + postalCode, organizationIdentifier, pkcs9_emailAddress, domainComponent, @@ -73,8 +75,10 @@ pub const Attribute = enum { .{ &[_]u8{ 0x55, 0x04, 0x06 }, .countryName }, .{ &[_]u8{ 0x55, 0x04, 0x07 }, .localityName }, .{ &[_]u8{ 0x55, 0x04, 0x08 }, .stateOrProvinceName }, + .{ &[_]u8{ 0x55, 0x04, 0x09 }, .streetAddress }, .{ &[_]u8{ 0x55, 0x04, 0x0A }, .organizationName }, .{ &[_]u8{ 0x55, 0x04, 0x0B }, .organizationalUnitName }, + .{ &[_]u8{ 0x55, 0x04, 0x11 }, .postalCode }, .{ &[_]u8{ 0x55, 0x04, 0x61 }, .organizationIdentifier }, .{ &[_]u8{ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01 }, .pkcs9_emailAddress }, .{ &[_]u8{ 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19 }, .domainComponent }, @@ -389,13 +393,16 @@ pub fn parse(cert: Certificate) !Parsed { var atav_i = atav.slice.start; while (atav_i < atav.slice.end) { const ty_elem = try der.Element.parse(cert_bytes, atav_i); - const ty = try parseAttribute(cert_bytes, ty_elem); const val = try der.Element.parse(cert_bytes, ty_elem.slice.end); + atav_i = val.slice.end; + const ty = parseAttribute(cert_bytes, ty_elem) catch |err| switch (err) { + error.CertificateHasUnrecognizedObjectId => continue, + else => |e| return e, + }; switch (ty) { .commonName => common_name = val.slice, else => {}, } - atav_i = val.slice.end; } rdn_i = atav.slice.end; } |