Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix issue extracting email addresses from otherName SAN values #52

Merged
merged 1 commit into from
Nov 3, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion pkilint/cabf/smime/smime_name.py
Original file line number Diff line number Diff line change
Expand Up @@ -456,6 +456,6 @@ def get_email_addresses_from_san(cert_document):
if name == 'rfc822Name':
email_addresses.append(value.pdu)
elif name == 'otherName' and value.navigate('type-id').pdu == rfc8398.id_on_SmtpUTF8Mailbox:
email_addresses.append(value.navigate('value').pdu)
email_addresses.append(value.navigate('value').child[1].pdu)

return email_addresses
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
-----BEGIN CERTIFICATE-----
MIIF1DCCA7ygAwIBAgIUeWoVg5UeWvEOdZS+4GFIK+uCmEgwDQYJKoZIhvcNAQEL
MIIF+zCCA+OgAwIBAgIUeWoVg5UeWvEOdZS+4GFIK+uCmEgwDQYJKoZIhvcNAQEL
BQAwSDELMAkGA1UEBhMCVVMxHzAdBgNVBAoMFkZvbyBJbmR1c3RyaWVzIExpbWl0
ZWQxGDAWBgNVBAMMD0ludGVybWVkaWF0ZSBDQTAeFw0yMzA0MjgwMDAwMDBaFw0y
MzA3MjcyMzU5NTlaMEIxFjAUBgNVBAMMDVlBTUFEQSBIYW5ha28xKDAmBgkqhkiG
Expand All @@ -9,33 +9,33 @@ AQUAA4IBDwAwggEKAoIBAQCw+egZQ6eumJKq3hfKfED4dE/tL4FI5sjqont9ABVI
qXmG8UTz0VTWdlAXXmhUs6lSADvAaIe4RVrCsZ97L3ZQTryY7JRVcbB4khUN3Gp0
yg+801SXzoFTTa+UGIRLE66jH51aa5VXu99hnv1OiH8tQrjdi8mH6uG/icq4XuIe
NWMF32wHqIOOPvQcWV3M5D2vxJEj702Ku6k9OQXkAo17qRSEonWW4HtLbtmS8He1
JNPc/n3dVUm+fM6NoDXPoLP7j55G9zKyqGtGAWXAj1MTAgMBAAGjggG6MIIBtjAM
JNPc/n3dVUm+fM6NoDXPoLP7j55G9zKyqGtGAWXAj1MTAgMBAAGjggHhMIIB3TAM
BgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAfBgNVHSMEGDAWgBTWRAAyfKgN
/6xPa2buta6bLMU4VDAdBgNVHQ4EFgQUiRlZXg7xafXLvUfhNPzimMxpMJEwFAYD
VR0gBA0wCzAJBgdngQwBBQQCMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwu
Y2EuZXhhbXBsZS5jb20vaXNzdWluZ19jYV9jcmwuY3JsMEsGCCsGAQUFBwEBBD8w
PTA7BggrBgEFBQcwAoYvaHR0cDovL3JlcG9zaXRvcnkuY2EuZXhhbXBsZS5jb20v
aXNzdWluZ19jYS5kZXIwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMCMIGU
BgNVHREEgYwwgYmBGWhhbmFrby55YW1hZGFAZXhhbXBsZS5jb22gKQYKKwYBBAGC
aXNzdWluZ19jYS5kZXIwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMCMIG7
BgNVHREEgbMwgbCBGWhhbmFrby55YW1hZGFAZXhhbXBsZS5jb22gKQYKKwYBBAGC
NxQCA6AbDBloYW5ha28ueWFtYWRhQGV4YW1wbGUuY29toCYGCCsGAQUFBwgJoBoM
GOWxseeUsOiKseWtkEBleGFtcGxlLmNvbaQZMBcxFTATBgNVBAMMDOWxseeUsOiK
seWtkDANBgkqhkiG9w0BAQsFAAOCAgEAhYvgYxtfQpV5Casm9zxWHQ0CFlftr6lb
nub59zfAQO2zoTUuk43H//r19N13KjqN1APRoihTNzQ9dPB5h1vwkK5nP+j57p3s
a9vJn7Po9mI1+mrCHQuulP/pqVNOnDcdzLyi4gCHhVx8ospV6B0BNeh8jF4a14pY
45FMMQTwZxUwq/npg0eseV8HkwYtLLn+17ZdiwpravE6jUwbcFkiBTZUcHUrerc7
aJt+LptzCHyyUowkMsVC3xvK3XCP4TmtI41ThB6ytDY59BfjIuMxfvRgEs0e8/e/
NWtzJZUty9BogK/cRXIJy6PeESbgELedzYAKiPTrgfPhl3ymZbeB6ruNKwjwty2D
jf7wfDa45Z0+0WPAcxiEyk0vhPMUVHCPhv/dlnYF+Jz+tBSdtUaKTBOXiOjgOg5Q
gtjdxZBH8R5hby+8WRdK3vFsadGTvMWjQnp3i2PRusIEQXTIBw75YV5ZUN0gKpTq
HvDwVmkYjtLrKgcFr/GDJtH15Omk6uCTML4OS5qhxFW9QMhbTto8KsW0EmSzdiLS
uVdYeBP6DkA/5CawYv+L0Kw4Sl73sr/hKETTOk952b6Fdl6YeLg9N+wMO0yHZ9TG
JCZ059L00/6Tp8Ybca7VYd/QLXPQv6F2/szWociXle5xk4BSVy0L6sRGtzOXCI8z
qGwncex6yVM=
seWtkKQlMCMxITAfBgNVBAMMGOWxseeUsOiKseWtkEBleGFtcGxlLmNvbTANBgkq
hkiG9w0BAQsFAAOCAgEAhYvgYxtfQpV5Casm9zxWHQ0CFlftr6lbnub59zfAQO2z
oTUuk43H//r19N13KjqN1APRoihTNzQ9dPB5h1vwkK5nP+j57p3sa9vJn7Po9mI1
+mrCHQuulP/pqVNOnDcdzLyi4gCHhVx8ospV6B0BNeh8jF4a14pY45FMMQTwZxUw
q/npg0eseV8HkwYtLLn+17ZdiwpravE6jUwbcFkiBTZUcHUrerc7aJt+LptzCHyy
UowkMsVC3xvK3XCP4TmtI41ThB6ytDY59BfjIuMxfvRgEs0e8/e/NWtzJZUty9Bo
gK/cRXIJy6PeESbgELedzYAKiPTrgfPhl3ymZbeB6ruNKwjwty2Djf7wfDa45Z0+
0WPAcxiEyk0vhPMUVHCPhv/dlnYF+Jz+tBSdtUaKTBOXiOjgOg5QgtjdxZBH8R5h
by+8WRdK3vFsadGTvMWjQnp3i2PRusIEQXTIBw75YV5ZUN0gKpTqHvDwVmkYjtLr
KgcFr/GDJtH15Omk6uCTML4OS5qhxFW9QMhbTto8KsW0EmSzdiLSuVdYeBP6DkA/
5CawYv+L0Kw4Sl73sr/hKETTOk952b6Fdl6YeLg9N+wMO0yHZ9TGJCZ059L00/6T
p8Ybca7VYd/QLXPQv6F2/szWociXle5xk4BSVy0L6sRGtzOXCI8zqGwncex6yVM=
-----END CERTIFICATE-----
node_path,validator,severity,code,message
certificate.tbsCertificate.subject.rdnSequence,SubscriberSubjectValidator,ERROR,cabf.smime.missing_required_attribute,"Missing one of these required attributes: 2.5.4.4, 2.5.4.42, 2.5.4.65"
certificate.tbsCertificate.subject.rdnSequence.0.0.value.x520CommonName,CommonNameValidator,ERROR,cabf.smime.common_name_value_unknown_source,"Unknown CN value source: ""YAMADA Hanako"""
certificate.tbsCertificate.extensions.3.extnValue.subjectKeyIdentifier,SubjectKeyIdentifierValidator,INFO,pkix.subject_key_identifier_method_1_identified,
certificate.tbsCertificate.extensions.8.extnValue.subjectAltName.3.directoryName.rdnSequence,SubscriberSubjectValidator,ERROR,cabf.smime.missing_required_attribute,"Missing one of these required attributes: 2.5.4.4, 2.5.4.42, 2.5.4.65"
certificate.tbsCertificate.extensions.8.extnValue.subjectAltName.3.directoryName.rdnSequence.0.0.value.x520CommonName,CommonNameValidator,ERROR,cabf.smime.common_name_value_unknown_source,"Unknown CN value source: ""山田花子"""

certificate.tbsCertificate.extensions.8.extnValue.subjectAltName.4.directoryName.rdnSequence,SubscriberSubjectValidator,ERROR,cabf.smime.missing_required_attribute,"Missing one of these required attributes: 2.5.4.4, 2.5.4.42, 2.5.4.65"