x509-cert: support for GN in names (#1648)

baloo · web-flow · commit 8e637f603a81 · 2025-02-06T07:56:57.000-07:00
* oiddbgen: allow comments in the ldap database
* const-oid: support for GN as an alias to givenName
* x509-cert: test support for givenName
diff --git a/const-oid/oiddbgen/ldap-parameters-3.csv b/const-oid/oiddbgen/ldap-parameters-3.csv
@@ -201,7 +201,7 @@ generalizedTimeMatch,M,2.5.13.27,[RFC4517]
 generalizedTimeOrderingMatch,M,2.5.13.28,[RFC4517]
 generationQualifier,A,2.5.4.44,[RFC4519]
 givenName,A,2.5.4.42,[RFC4519]
-GN,A,RESERVED,[RFC4519]
+GN,A,2.5.4.42,[RFC4519],"should be reserved, overridden. context: issue_1647"
 governingStructureRule,A,2.5.21.10,[RFC4512]
 groupOfNames,O,2.5.6.9,[RFC4519]
 groupOfUniqueNames,O,2.5.6.17,[RFC4519]
diff --git a/const-oid/oiddbgen/src/ldap.rs b/const-oid/oiddbgen/src/ldap.rs
@@ -10,11 +10,18 @@ impl<'a> LdapParser<'a> {
         self.0.lines().filter_map(|line| {
             let (name, next) = line.split_at(line.find(',').unwrap());
             let (.., next) = next[1..].split_at(next[1..].find(',').unwrap());
-            let (obid, spec) = next[1..].split_at(next[1..].find(',').unwrap());
+            let (obid, next) = next[1..].split_at(next[1..].find(',').unwrap());
 
             let indx = obid.find('.')?;
             obid.split_at(indx).0.parse::<usize>().ok()?;
 
+            let spec = if let Some(boundary) = next[1..].find(',') {
+                let (spec, _comment) = next[..].split_at(boundary + 1);
+                spec
+            } else {
+                next
+            };
+
             if !spec.trim().starts_with(",[RFC") {
                 return None;
             }
diff --git a/const-oid/src/db/gen.rs b/const-oid/src/db/gen.rs
@@ -1543,6 +1543,7 @@ pub mod rfc4519 {
     pub const SN: crate::ObjectIdentifier = crate::ObjectIdentifier::new_unwrap("2.5.4.4");
     pub const SURNAME: crate::ObjectIdentifier = crate::ObjectIdentifier::new_unwrap("2.5.4.4");
     pub const NAME: crate::ObjectIdentifier = crate::ObjectIdentifier::new_unwrap("2.5.4.41");
+    pub const GN: crate::ObjectIdentifier = crate::ObjectIdentifier::new_unwrap("2.5.4.42");
     pub const GIVEN_NAME: crate::ObjectIdentifier = crate::ObjectIdentifier::new_unwrap("2.5.4.42");
     pub const INITIALS: crate::ObjectIdentifier = crate::ObjectIdentifier::new_unwrap("2.5.4.43");
     pub const GENERATION_QUALIFIER: crate::ObjectIdentifier =
@@ -4373,6 +4374,7 @@ pub const DB: super::Database<'static> = super::Database(&[
     (&rfc4519::SN, "sn"),
     (&rfc4519::SURNAME, "surname"),
     (&rfc4519::NAME, "name"),
+    (&rfc4519::GN, "GN"),
     (&rfc4519::GIVEN_NAME, "givenName"),
     (&rfc4519::INITIALS, "initials"),
     (&rfc4519::GENERATION_QUALIFIER, "generationQualifier"),
diff --git a/x509-cert/tests/name.rs b/x509-cert/tests/name.rs
@@ -410,3 +410,12 @@ fn access_attributes() {
         "US"
     );
 }
+
+#[cfg(feature = "std")]
+#[test]
+fn decode_given_name() {
+    use std::str::FromStr;
+
+    Name::from_str("GN=my_name,SN=my_sn").unwrap();
+    Name::from_str("givenName=my_name,SN=my_sn").unwrap();
+}
