Code Monkey home page Code Monkey logo

Comments (8)

wbond avatar wbond commented on June 3, 2024 1

The code at #270 should fix this

from asn1crypto.

joernheissler avatar joernheissler commented on June 3, 2024

Hi,
I think (really not sure!) the problem is here:
https://github.com/wbond/asn1crypto/blob/master/asn1crypto/x509.py#L1028-L1031

  else:
     value = DirectoryString(
                    name=encoding_name,
                    value=encoding_class(attribute_value)
                )

The build function assumes, with some exceptions, assumes that everything is a DirectoryString. When this code is changed to use the type from NameTypeAndValue._oid_specs it works as expected.

from asn1crypto.

joseph-lo-nvtw avatar joseph-lo-nvtw commented on June 3, 2024

Hi,

Regarding the document of TCG EK Credential Profile below.
https://trustedcomputinggroup.org/wp-content/uploads/TCG-EK-Credential-Profile-V-2.5-R2_published.pdf

In section 3.2, there is a table mentioned the type of subject alt name for TPM Manufacturer, model, and version should be GeneralName and directoryName.

Does that mean we should fix this as the comment 1 mentioned?

Thanks.

from asn1crypto.

jinhua115 avatar jinhua115 commented on June 3, 2024

from asn1crypto.

wbond avatar wbond commented on June 3, 2024

Yes, it looks like switching it to use the data from NameTypeAndValue._oid_specs is probably the correct move.

from asn1crypto.

wbond avatar wbond commented on June 3, 2024

@joseph-lo-nvtw I looked at https://trustedcomputinggroup.org/wp-content/uploads/TCG-EK-Credential-Profile-V-2.5-R2_published.pdf and it still specifies UTF8String for tcg-at-tpmManufacturer (e.g. 2.23.133.2.1), etc.

from asn1crypto.

joseph-lo-nvtw avatar joseph-lo-nvtw commented on June 3, 2024

Yes, the final raw binary string in ASN1 is UTF8String.

But regarding Table 1 in section 3.2, the RFC5280 type of Subject Alternative Name is directoryName.
Which data type should we use here?
https://github.com/wbond/asn1crypto/blob/master/asn1crypto/x509.py#L689

With UTF8String, it doesn't work correctly. The x509.Name.build logic doesn't accept UTF8String data type.

Thanks for your reply.

from asn1crypto.

joseph-lo-nvtw avatar joseph-lo-nvtw commented on June 3, 2024

Hi @wbond ,

Thanks for the fix. I have verified it.

from asn1crypto.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.