Skip to content

crypto/x509: ParseRevocationList allows country name fields longer than 2 chars #73020

New issue
New issue
Open
Open
crypto/x509: ParseRevocationList allows country name fields longer than 2 chars#73020
Labels
BugReportIssues describing a possible bug in the Go implementation.NeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.
@onepeople158

Description

@onepeople158
onepeople158
opened on Mar 24, 2025

Go version

go version go1.24.1 linux/amd64

Output of go env in your module/workspace:

CN=127.0.0.1ca,OU=Org,O=Company Name,L=Portland,ST=Oregon,C=USA
2025-01-01 00:00:00 +0000 UTC
2025-12-01 00:00:00 +0000 UTC
1

What did you do?

Hello Developer, I have a CRL file where the Country value in the Issuer field is "USA." Normally, ISO 3166-1 specifies two characters to represent a country name. However,go successfully printed the Issuer field information of this CRL file without any errors. Therefore, I would like to ask if this is a bug?

What did you see happen?

Go successfully printed this CRL file.

What did you expect to see?

For comparison, when using Python's Cryptography library to print this CRL file, the following warning was displayed: warning: must be >= 2 and <= 2, but it was 3.

main.zip

Metadata

Metadata

Assignees

No one assigned

    Labels

    BugReportIssues describing a possible bug in the Go implementation.NeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions