add bmp option (#4537)

* add bmp option * add testing of a cert containing a BMP string --------- Co-authored-by: eldad.sitbon <[email protected]>
secdev · Jan 9, 2025 · 92925da · 92925da
1 parent 1bab604
commit 92925da
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 1 deletion.
diff --git a/scapy/layers/x509.py b/scapy/layers/x509.py
@@ -218,12 +218,13 @@ class EdDSAPrivateKey(ASN1_Packet):
 #       Names       #
 
 class ASN1F_X509_DirectoryString(ASN1F_CHOICE):
-    # we include ASN1 bit strings for rare instances of x500 addresses
+    # we include ASN1 bit strings and bmp strings for rare instances of x500 addresses
     def __init__(self, name, default, **kwargs):
         ASN1F_CHOICE.__init__(self, name, default,
                               ASN1F_PRINTABLE_STRING, ASN1F_UTF8_STRING,
                               ASN1F_IA5_STRING, ASN1F_T61_STRING,
                               ASN1F_UNIVERSAL_STRING, ASN1F_BIT_STRING,
+                              ASN1F_BMP_STRING,
                               **kwargs)
 
 

diff --git a/test/scapy/layers/x509.uts b/test/scapy/layers/x509.uts
@@ -179,6 +179,13 @@ assert ext[6].extnValue.cRLDistributionPoints[0].distributionPoint.distributionP
 assert ext[8].extnValue.subjectAltName[1].generalName.dNSName == b"DC1.domain.local"
 assert ext[9].extnValue.value == b'S-1-5-21-1924137214-3718646274-40215721-1000'
 
+= Cert class : X509 Certificate with rare fields types
+cert_with_bmp_string = base64.b64decode('MIIB3DCCAaagAwIBAgIBATANBgkqhkiG9w0BAQsFADCB9jELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMQswCQYDVQQHEwJMRzEXMBUGA1UEChMOV2Vic2Vuc2UsIEluYy4xGjAYBgNVBAsTEVdlYnNlbnNlIEVuZHBvaW50MSMwIQYJKoZIhvcNAQkBFhRzdXBwb3J0QHdlYnNlbnNlLmNvbTE2MDQGA1UEAxMtV2Vic2Vuc2UgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MTswOQYDVQQNHjIAMQAyADQANgAxADgAMwA1ADEANABFAFAAQAB3AGUAYgBzAGUAbgBzAGUALgBjAG8AbTAeFw0yNDExMDUxMDA0MjlaFw0yNDExMDYxMDE0MjlaMEMxCzAJBgNVBAYTAkZSMRQwEgYDVQQKEwtTY2FweSwgSW5jLjEeMBwGA1UEAxMVU2NhcHkgRGVmYXVsdCBTdWJqZWN0MBowDQYJKoZIhvcNAQELBQADCQAwBgIBCgIBA6MTMBEwDwYDVR0TAQEABAUwAwEBADANBgkqhkiG9w0BAQsFAAMhAGRlZmF1bHRzaWduYXR1cmVkZWZhdWx0c2lnbmF0dXJl')
+c = X509_Cert(cert_with_bmp_string)
+bmp_field_value = str(c.tbsCertificate.issuer[7].rdn[0].value.val, "utf-16be")
+assert bmp_field_value == '[email protected]'
+
+
 ############ CRL class ###############################################
 
 + X509_CRL class tests