From 437cbeaedc8f2970ad533e2c0f95837fedc66fbc Mon Sep 17 00:00:00 2001
From: Corey Bonnell <corey.bonnell@digicert.com>
Date: Fri, 3 Nov 2023 14:42:27 -0400
Subject: [PATCH] Add a few test cases, update changelog

---
 CHANGELOG.md                                  |  6 +++
 .../multipurpose/smtputf8mailbox_only.crttest | 34 +++++++++++++++++
 .../smtputf8mailbox_only_cn_mismatch.crttest  | 37 +++++++++++++++++++
 3 files changed, 77 insertions(+)
 create mode 100644 tests/integration_certificate/smime_br/mailbox/multipurpose/smtputf8mailbox_only.crttest
 create mode 100644 tests/integration_certificate/smime_br/mailbox/multipurpose/smtputf8mailbox_only_cn_mismatch.crttest

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3ea91c1..613bfec 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,12 @@
 
 All notable changes to this project from version 0.9.3 onwards are documented in this file.
 
+## 0.9.7 - 2023-11-03
+
+### Fixes
+
+- cabf.smime.common_name_value_unknown_source finding is incorrectly reported when SmtpUtf8Mailbox SAN values appear in the subject CN (#52 - reported and fixed by @hablutzel1)
+
 ## 0.9.6 - 2023-10-25
 
 ### Fixes
diff --git a/tests/integration_certificate/smime_br/mailbox/multipurpose/smtputf8mailbox_only.crttest b/tests/integration_certificate/smime_br/mailbox/multipurpose/smtputf8mailbox_only.crttest
new file mode 100644
index 0000000..1a25eb4
--- /dev/null
+++ b/tests/integration_certificate/smime_br/mailbox/multipurpose/smtputf8mailbox_only.crttest
@@ -0,0 +1,34 @@
+-----BEGIN CERTIFICATE-----
+MIIFUTCCAzmgAwIBAgIUH/nOhctN2lspZ2LasyeIMEixJzEwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCVVMxHzAdBgNVBAoMFkZvbyBJbmR1c3RyaWVzIExpbWl0
+ZWQxGDAWBgNVBAMMD0ludGVybWVkaWF0ZSBDQTAeFw0yMzA0MTkwMDAwMDBaFw0y
+MzA3MTgyMzU5NTlaMCMxITAfBgNVBAMMGOWxseeUsOiKseWtkEBleGFtcGxlLmNv
+bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALD56BlDp66YkqreF8p8
+QPh0T+0vgUjmyOqie30AFUj7UZKrKLVsUGCxGMzRMeWUh0xsqYm1bCcpbwn7k6A0
+3zLpfG/wmYz9jm9C3aWKzR+peYbxRPPRVNZ2UBdeaFSzqVIAO8Boh7hFWsKxn3sv
+dlBOvJjslFVxsHiSFQ3canTKD7zTVJfOgVNNr5QYhEsTrqMfnVprlVe732Ge/U6I
+fy1CuN2LyYfq4b+Jyrhe4h41YwXfbAeog44+9BxZXczkPa/EkSPvTYq7qT05BeQC
+jXupFISidZbge0tu2ZLwd7Uk09z+fd1VSb58zo2gNc+gs/uPnkb3MrKoa0YBZcCP
+UxMCAwEAAaOCAVYwggFSMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgeAMB8G
+A1UdIwQYMBaAFNZEADJ8qA3/rE9rZu61rpssxThUMB0GA1UdDgQWBBSJGVleDvFp
+9cu9R+E0/OKYzGkwkTAUBgNVHSAEDTALMAkGB2eBDAEFAQIwPQYDVR0fBDYwNDAy
+oDCgLoYsaHR0cDovL2NybC5jYS5leGFtcGxlLmNvbS9pc3N1aW5nX2NhX2NybC5j
+cmwwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vcmVwb3NpdG9y
+eS5jYS5leGFtcGxlLmNvbS9pc3N1aW5nX2NhLmRlcjAdBgNVHSUEFjAUBggrBgEF
+BQcDBAYIKwYBBQUHAwIwMQYDVR0RBCowKKAmBggrBgEFBQcICaAaDBjlsbHnlLDo
+irHlrZBAZXhhbXBsZS5jb20wDQYJKoZIhvcNAQELBQADggIBAIOKyHChjHy4d+Ox
+V/2Ndpce2/f4la47F+5bJYoq6SE7j5nwpYu+iVaztBasqX3Xdj+GVbx/Vk6UFIUQ
+b9OpMB5CUZIKajTztFjqTVZ7CvL3D9f0cpQ4iRq8s7ugMzkg6rMaJhQ+oZu9V0WH
+LIAV1zT1M0hoW6lHrgbmcGXtVpj/8rrzaYITL5VhXIwB5LQvRbjaR4UP982dtBlH
+OgEMMLZ/K74hUsEIoVSQyZBohmiVHO5VVaLMMfO20qBqVZbhCGP0Sth7F1NJJnpO
+Kqtrfb9ToES/fGalIDktuqKDl8ap0d0DMdUuSki8vfoSustoD4coh6Gj1U5OLOeB
+LP2A7Wws+6YsssqdwxCM5oK8Af5htiGzr+nU/GWuQUewPoIAe7sKN82MSndkhSA5
+l2/p/TC/7Ov92nsiiZrOBZkavn1/InG/pb1XizIZQkXuTBS9rZG+9gRZLtHnlHXu
+IlJ8Pd38xuvlpfFTws2DsFdI/lE4ssoHF2hGVvk6UxJsmP30P+0wmxqfvFK96y5W
+OTpLeU/NzJmXTBSBy0MWmVF5E9nQWkp4d1XzShYtGq3vcXYgUGRpDJL1oik461Ds
+C10jQZz+k1zvc5+dbUyuCj2Z0Lzb1C7Z+B+89xYX1pInv4zzWJBbzMzmmsMDwIRv
+UehtmQe3EzrhtFLvOtx5IeV19qAK
+-----END CERTIFICATE-----
+
+node_path,validator,severity,code,message
+certificate.tbsCertificate.extensions.3.extnValue.subjectKeyIdentifier,SubjectKeyIdentifierValidator,INFO,pkix.subject_key_identifier_method_1_identified,
diff --git a/tests/integration_certificate/smime_br/mailbox/multipurpose/smtputf8mailbox_only_cn_mismatch.crttest b/tests/integration_certificate/smime_br/mailbox/multipurpose/smtputf8mailbox_only_cn_mismatch.crttest
new file mode 100644
index 0000000..8303081
--- /dev/null
+++ b/tests/integration_certificate/smime_br/mailbox/multipurpose/smtputf8mailbox_only_cn_mismatch.crttest
@@ -0,0 +1,37 @@
+-----BEGIN CERTIFICATE-----
+MIIFeDCCA2CgAwIBAgIUH/nOhctN2lspZ2LasyeIMEixJzEwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCVVMxHzAdBgNVBAoMFkZvbyBJbmR1c3RyaWVzIExpbWl0
+ZWQxGDAWBgNVBAMMD0ludGVybWVkaWF0ZSBDQTAeFw0yMzA0MTkwMDAwMDBaFw0y
+MzA3MTgyMzU5NTlaMCMxITAfBgNVBAMMGOWxseeUsOiKseWtkEBleGFtcGxlLm5l
+dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALD56BlDp66YkqreF8p8
+QPh0T+0vgUjmyOqie30AFUj7UZKrKLVsUGCxGMzRMeWUh0xsqYm1bCcpbwn7k6A0
+3zLpfG/wmYz9jm9C3aWKzR+peYbxRPPRVNZ2UBdeaFSzqVIAO8Boh7hFWsKxn3sv
+dlBOvJjslFVxsHiSFQ3canTKD7zTVJfOgVNNr5QYhEsTrqMfnVprlVe732Ge/U6I
+fy1CuN2LyYfq4b+Jyrhe4h41YwXfbAeog44+9BxZXczkPa/EkSPvTYq7qT05BeQC
+jXupFISidZbge0tu2ZLwd7Uk09z+fd1VSb58zo2gNc+gs/uPnkb3MrKoa0YBZcCP
+UxMCAwEAAaOCAX0wggF5MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgeAMB8G
+A1UdIwQYMBaAFNZEADJ8qA3/rE9rZu61rpssxThUMB0GA1UdDgQWBBSJGVleDvFp
+9cu9R+E0/OKYzGkwkTAUBgNVHSAEDTALMAkGB2eBDAEFAQIwPQYDVR0fBDYwNDAy
+oDCgLoYsaHR0cDovL2NybC5jYS5leGFtcGxlLmNvbS9pc3N1aW5nX2NhX2NybC5j
+cmwwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vcmVwb3NpdG9y
+eS5jYS5leGFtcGxlLmNvbS9pc3N1aW5nX2NhLmRlcjAdBgNVHSUEFjAUBggrBgEF
+BQcDBAYIKwYBBQUHAwIwWAYDVR0RBFEwT6AmBggrBgEFBQcICaAaDBjlsbHnlLDo
+irHlrZBAZXhhbXBsZS5jb22kJTAjMSEwHwYDVQQDDBjlsbHnlLDoirHlrZBAZXhh
+bXBsZS5uZXQwDQYJKoZIhvcNAQELBQADggIBAIOKyHChjHy4d+OxV/2Ndpce2/f4
+la47F+5bJYoq6SE7j5nwpYu+iVaztBasqX3Xdj+GVbx/Vk6UFIUQb9OpMB5CUZIK
+ajTztFjqTVZ7CvL3D9f0cpQ4iRq8s7ugMzkg6rMaJhQ+oZu9V0WHLIAV1zT1M0ho
+W6lHrgbmcGXtVpj/8rrzaYITL5VhXIwB5LQvRbjaR4UP982dtBlHOgEMMLZ/K74h
+UsEIoVSQyZBohmiVHO5VVaLMMfO20qBqVZbhCGP0Sth7F1NJJnpOKqtrfb9ToES/
+fGalIDktuqKDl8ap0d0DMdUuSki8vfoSustoD4coh6Gj1U5OLOeBLP2A7Wws+6Ys
+ssqdwxCM5oK8Af5htiGzr+nU/GWuQUewPoIAe7sKN82MSndkhSA5l2/p/TC/7Ov9
+2nsiiZrOBZkavn1/InG/pb1XizIZQkXuTBS9rZG+9gRZLtHnlHXuIlJ8Pd38xuvl
+pfFTws2DsFdI/lE4ssoHF2hGVvk6UxJsmP30P+0wmxqfvFK96y5WOTpLeU/NzJmX
+TBSBy0MWmVF5E9nQWkp4d1XzShYtGq3vcXYgUGRpDJL1oik461DsC10jQZz+k1zv
+c5+dbUyuCj2Z0Lzb1C7Z+B+89xYX1pInv4zzWJBbzMzmmsMDwIRvUehtmQe3Ezrh
+tFLvOtx5IeV19qAK
+-----END CERTIFICATE-----
+
+node_path,validator,severity,code,message
+certificate.tbsCertificate.subject.rdnSequence.0.0.value.x520CommonName,CommonNameValidator,ERROR,cabf.smime.common_name_value_unknown_source,"Unknown CN value source: ""山田花子@example.net"""
+certificate.tbsCertificate.extensions.3.extnValue.subjectKeyIdentifier,SubjectKeyIdentifierValidator,INFO,pkix.subject_key_identifier_method_1_identified,
+certificate.tbsCertificate.extensions.8.extnValue.subjectAltName.1.directoryName.rdnSequence.0.0.value.x520CommonName,CommonNameValidator,ERROR,cabf.smime.common_name_value_unknown_source,"Unknown CN value source: ""山田花子@example.net"""