mbedtls icon indicating copy to clipboard operation
mbedtls copied to clipboard

Published 20 hours ago verified publisher icon Mbed-TLS

Fix incorrect handling of T61 and other strings in `mbedtls_x509_dn_gets()`

Open davidhorstmann-arm opened this issue 8 months ago • 1 comments

These should be returned as strings by mbedtls_x509_dn_gets() rather than being returned in hexstring form.

Specifically:

  • Change mbedtls_x509_dn_gets() to render all string types plainly rather than in OID/hexstring format.
  • Add functionality to cert_write to create certificates whose subject names have a custom string tag.
  • Generate test certificates that have tags of different string types.
  • Add these new certificates as testcases in test_suite_x509.data.
  • (Add a ChangeLog)

PR checklist

Please tick as appropriate and edit the reasons (e.g.: "backport: not needed because this is a new feature")

  • [x] changelog provided
  • [x] 3.6 backport #9300
  • [x] 2.28 backport not required - problem doesn't exist in 2.28
  • [x] tests provided

davidhorstmann-arm avatar Jun 19 '24 14:06 davidhorstmann-arm