-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Certificate extension not parsed #6475
Comments
Ok the actual problem here is that the DisplayText value is a BMPString, which we currently do not support. |
Hi! I ran into the what looks like the same issue when parsing a certificate used for TPM attestation for WebAuthn authentication using the Windows platform authenticator. This is a problem for https://github.com/Yubico/python-fido2 Error when accessing
Here's the certificate for reference:
|
Thanks for the report. I’ll take a look at this when I’m back at a computer but hopefully it’s another case where we just need to implement the missing DisplayText types! |
Yeah this is also a BMPString in certificate policies (with value BMPString { u"TCPA Trusted Platform Identity" }) |
I get an exception when accessing the extensions of a parsed certificate (probably due to "Certificate Policies").
Here is what I am using:
Certificate to parse: Subject: CN = ACCVRAIZ1, OU = PKIACCV, O = ACCV, C = ES
The certificate is present in the truststore on an Ubuntu system (/etc/ssl/certs/ACCVRAIZ1.pem)
After parsing the certificate an exception is raised when accessing the extensions:
The problem does not occur using cryptography 3.4.8. Here the extension looks like follows:
Openssl decodes the certificate, but leaves the explicit text blank.
The text was updated successfully, but these errors were encountered: