SET OF parsing issue
#427
Comments
|
DER does require SET OF values to be in lexicographic order. See file:///Users/alex_gaynor/Downloads/T-REC-X.690-202102-I!!PDF-E.pdf section 11.6. |
|
Ooops, I'm guessing (hoping!) that that https://www.itu.int/rec/T-REC-X.690-202102-I is the doc |
|
Yes, you're right, somehow I missed that section. Unfortunately I cannot change how that certificate is generated. Thank you for the prompt reply. |
|
If you have a need for a non-strict SetOf, my recommendation would be to basically copy the See https://github.com/pyca/cryptography/blob/main/src/rust/cryptography-x509/src/common.rs#L329-L355 for a similar example. |
|
Thank you for the suggestion. I tried that approach, but I found some difficulties because the I also tried to copy over the whole parser structure, but this creates other issues since I do not see an obvious way to do this or am I wrong? |
|
Hmm, you may be right, I hadn't remembered that it used something non-public. If you're ok with sub-par performance, an easy fix is to just pro-actively decode everything into a vec. |
Hello,
I am facing an issue parsing a certificate with a
SET OFfields that contains multiple elements.Specifically, I am getting a
ParseErrorKind::InvalidSetOrderingerror because for some reason, when parsing, it enforces the elements of the set to be in ascending order (see here), but I do not think that this is something that needs to be enforced forSET OF.Everything I read on the standard says that the order of SET values is not important, or it can be sorted based on the elements tags but not the actual elements value for DER encoding.
Because of this behaviour, I am unable to parse certificates like this one.
Is this an issue with the library or am I missing something?
Thank you in advance.
The text was updated successfully, but these errors were encountered: