support rfc822Name general name encoding
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 637b28c..266a847 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -221,6 +221,14 @@
other_name.value = value
gn.type = backend._lib.GEN_OTHERNAME
gn.d.otherName = other_name
+ elif isinstance(alt_name, x509.RFC822Name):
+ gn = backend._lib.GENERAL_NAME_new()
+ assert gn != backend._ffi.NULL
+ asn1_str = _encode_asn1_str(
+ backend, alt_name._encoded, len(alt_name._encoded)
+ )
+ gn.type = backend._lib.GEN_EMAIL
+ gn.d.rfc822Name = asn1_str
else:
raise NotImplementedError(
"Only DNSName and RegisteredID supported right now"
diff --git a/tests/test_x509.py b/tests/test_x509.py
index cb61726..2539be4 100644
--- a/tests/test_x509.py
+++ b/tests/test_x509.py
@@ -1008,6 +1008,9 @@
type_id=x509.ObjectIdentifier("1.2.3.3.3.3"),
value=b"0\x03\x02\x01\x05"
),
+ x509.RFC822Name(u"test@example.com"),
+ x509.RFC822Name(u"email"),
+ x509.RFC822Name(u"email@em\xe5\xefl.com"),
]),
critical=False,
).sign(private_key, hashes.SHA256(), backend)
@@ -1034,6 +1037,9 @@
type_id=x509.ObjectIdentifier("1.2.3.3.3.3"),
value=b"0\x03\x02\x01\x05"
),
+ x509.RFC822Name(u"test@example.com"),
+ x509.RFC822Name(u"email"),
+ x509.RFC822Name(u"email@em\xe5\xefl.com"),
]
def test_invalid_asn1_othername(self, backend):
@@ -1064,7 +1070,7 @@
])
).add_extension(
x509.SubjectAlternativeName([
- x509.RFC822Name(u"test@example.com"),
+ x509.UniformResourceIdentifier(u"http://test.com"),
]),
critical=False,
)