x509-parser Missing some standard certificate extensions

This crate parses most standard certificate extensions defined in RFC 5280, but it seems to be missing the following:

Certificate Extensions:

Issuer Alternative Name (§4.2.1.7)
Subject Directory Attributes (§4.2.1.8)
CRL Distribution Points (§4.2.1.13)
Freshest CRL (a.k.a. Delta CRL Distribution Point) (§4.2.1.15)

It's also missing some CRL and CRL Entry extensions:

Delta CRL Indicator (§5.2.4)
Issuing Distribution Point(§5.2.5)
Certificate Issuer (§5.3.3)

I don't know how much the CRL ones matter, though this crate does support 3 such CRL/CRL Entry extensions already (plus the ones that are identical to certificate extensions).

Jun 15 '21 18:06 lilyball

@chifflier Freshest CRL (OID_X509_EXT_FRESHEST_CRL) uses the same Distribution Points type

FreshestCRL ::= CRLDistributionPoints

So it should be pretty trivial to add that to the set of parsed extensions.

Dec 17 '21 23:12 lilyball

Issuing Distribution Point(§5.2.5)

I've implemented support for this CRL extension in https://github.com/rusticata/x509-parser/pull/146

Aug 26 '23 18:08 cpu