wbond / asn1crypto

Python ASN.1 library with a focus on performance and a pythonic API
MIT License

Fix tagging for RoleSyntax and SecurityCategory #218

Closed MatthiasValvekens closed 2 years ago

MatthiasValvekens commented 3 years ago

This PR rectifies two incorrect applications of the 'implicit tags' tagging default declared in the X.509 ASN.1 module (EDIT: the relevant definitions are also reproduced in RFC 5755).

Concretely, it updates the asn1crypto definitions of RoleSyntax and SecurityCategory. As stipulated in ITU-T Rec. X.680 § C.3.2.2 (g), the 'implicit tags' directive does not apply to choice types and open types, since that would make them impossible to decode reliably. In fact, asn1crypto currently raises an exception when trying to encode a RoleSyntax value, for this exact reason.

All this PR does is change implicit to explicit in those two locations, and add a regression test.
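
Added example (not part of the PR or of asn1crypto's code): a stdlib-only sketch of why an implicit `[1]` tag on `roleName`, whose type `GeneralName` is a CHOICE, cannot be decoded reliably, while an explicit `[1]` wrapper can. The field layout `roleName [1] GeneralName` and the `GeneralName` tag numbers are taken from RFC 5755 and RFC 5280; the helper names and the sample value are constructed for illustration.

```python
# Minimal DER helpers, written for this illustration only.
def tlv(tag: int, content: bytes) -> bytes:
    """Encode one DER TLV using a short-form length (content < 128 bytes)."""
    if len(content) > 127:
        raise ValueError("this sketch only handles short-form lengths")
    return bytes([tag, len(content)]) + content

# A few GeneralName alternatives (RFC 5280); each carries its own
# context-specific tag, which is how a decoder tells them apart.
GENERAL_NAME_TAGS = {
    "rfc822Name": 0x81,                  # [1] IA5String
    "dNSName": 0x82,                     # [2] IA5String
    "uniformResourceIdentifier": 0x86,   # [6] IA5String
}
TAG_TO_ALTERNATIVE = {v: k for k, v in GENERAL_NAME_TAGS.items()}

def encode_general_name(alternative: str, value: str) -> bytes:
    return tlv(GENERAL_NAME_TAGS[alternative], value.encode("ascii"))

def role_name_implicit(alternative: str, value: str) -> bytes:
    """What IMPLICIT [1] would mean: the field tag overwrites the
    alternative's own tag, so the CHOICE discriminator is lost."""
    inner = encode_general_name(alternative, value)
    return bytes([0x81]) + inner[1:]

def role_name_explicit(alternative: str, value: str) -> bytes:
    """EXPLICIT [1]: a constructed wrapper around the untouched inner TLV."""
    return tlv(0xA1, encode_general_name(alternative, value))

def decode_role_name_explicit(der: bytes):
    """Recover (alternative, value) from an explicitly tagged roleName."""
    if len(der) < 4 or der[0] != 0xA1 or der[1] != len(der) - 2:
        raise ValueError("not a well-formed [1] EXPLICIT wrapper")
    inner = der[2:]
    if inner[1] != len(inner) - 2 or inner[0] not in TAG_TO_ALTERNATIVE:
        raise ValueError("unknown or malformed GeneralName alternative")
    return TAG_TO_ALTERNATIVE[inner[0]], inner[2:].decode("ascii")

if __name__ == "__main__":
    sample = "urn:example:role"  # constructed sample value
    a = role_name_implicit("uniformResourceIdentifier", sample)
    b = role_name_implicit("rfc822Name", sample)
    print("implicit encodings identical:", a == b)
    print(decode_role_name_explicit(
        role_name_explicit("uniformResourceIdentifier", sample)))
```

With implicit tagging, two different alternatives holding the same string produce byte-identical encodings, which is the ambiguity X.680 avoids by exempting choice and open types from the tagging default.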

wbond commented 2 years ago

Thanks for this fix! Sorry for not seeing this PR until now.