Cryptography cannot recognize the emailAddress type stored in the RelativeDistinguishedName.

[onepeople158]

Version:
cryptography-44.0.2

Hello Developer:

When I was using Cryptography to parse a CRL file with a RelativeDistinguishedName field, I noticed that Cryptography parsed the emailAddress as 1.2.840.113549.1.9.1, which is the OID form of emailAddress. Is this an error?

Code:

from cryptography.x509 import load_pem_x509_crl, load_der_x509_crl
from cryptography.x509 import ExtensionNotFound
import sys

def load_crl(file_path):
    with open(file_path, "rb") as f:
        crl_data = f.read()
    try:
        crl = load_pem_x509_crl(crl_data)
    except ValueError:
        crl = load_der_x509_crl(crl_data)
    return crl

def print_crl_issuer(file_path):
    aki_extension = None
    try:
        for ext in crl.extensions:
             if ext.oid == x509.oid.ExtensionOID.ISSUING_DISTRIBUTION_POINT:
                    idp=ext.value
                    print(idp.relative_name)
    except Exception as e:
        print(f"Error parsing CRL: {e}")

file_path = 'crl_Rdn_email.der'
print_crl_issuer(file_path)

Test Case:

crl_Rdn_email.zip

[alex]

This is as expected. The pretty names (e.g., CN=) are just for display, and E= is not one of hte mandatory short names from RFC 4514 https://datatracker.ietf.org/doc/html/rfc4514#section-3

[onepeople158]

This is as expected. The pretty names (e.g., ) are just for display, and is not one of hte mandatory short names from RFC 4514 https://datatracker.ietf.org/doc/html/rfc4514#section-3`CN=``E=`

Thank you for your reply.

[github-actions]

This issue has been waiting for a reporter response for 3 days. It will be auto-closed if no activity occurs in the next 5 days.

[github-actions]

This issue has not received a reporter response and has been auto-closed. If the issue is still relevant please leave a comment and we can reopen it.