Re: [Cryptography-dev] How to copy attributes & extensions from CSR to CSRB?

Ian Pilcher via Cryptography-dev Thu, 17 Apr 2025 12:44:55 -0700

On 4/16/25 6:14 PM, Paul Kehrer wrote:

Separately, the reason extensions appear in attributes is because that'sactually how extensions are encoded in CSRs! Extensions are a dedicatedfield in tbsCertificate, but a CSR is this:
   CertificationRequestInfo ::= SEQUENCE {
         version       INTEGER { v1(0) } (v1,...),
         subject       Name,
         subjectPKInfo SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
         attributes    [0] Attributes{{ CRIAttributes }}
    }


Makes perfect sense.  If my understanding is correct, almost everything
in a CSR is an attribute.

Sounds like my approach is reasonable with the API as it exists today.

Thanks!

--
========================================================================
If your user interface is intuitive in retrospect ... it isn't intuitive
========================================================================
_______________________________________________
Cryptography-dev mailing list
Cryptography-dev@python.org
https://mail.python.org/mailman/listinfo/cryptography-dev

Re: [Cryptography-dev] How to copy attributes & extensions from CSR to CSRB?

Reply via email to