Add RFC5280 DistinguishedName behavior

[nick-mobilecoin]

RFC5280 section
4.2.1.4,
calls out specific behavior on how issuer and subject names should be
compared. It calls these fields DistinguishedName. This change
implements most of this behavior with the exception of prohibited
unicode code points and ignoring bidi code points.

Motivation

[nick-mobilecoin]

Current dependencies on/for this PR:

• main
  • PR Move x509 cert logic to sub-directory #68
    • PR Add CRL decode and verification #69
      • PR Add logic to verify and get signing key from chain #70
        • PR Add initial CRL logic to cert chain verification #71
          • PR Add support for RSA X509 certificates #72
            • PR Tests for 4.1.x of PKITS #73
              • PR Convert PKITS tests to integration tests #75
                • PR Tests for 4.2 of PKITS #76
                  • PR Add RFC5280 DistinguishedName behavior #77 👈
                  • PR Add tests for section 4.3 of PKITS #78
                  • PR Make PKITS test support functions more ergonomic. #82

This comment was auto-generated by Graphite.

[github-actions]

❌ Unreviewed dependencies found

Crate	Version	Reviews (N/2)	LoC	Left-Pad Index	Geiger	Flags

[codecov]

Codecov Report

❗ No coverage uploaded for pull request base (nick/pkits-4.2@9751c54). Click here to learn what that means.
The diff coverage is n/a.

❗ Current head cd4e247 differs from pull request most recent head c01b562. Consider uploading reports for the commit c01b562 to get more accurate results

@@                Coverage Diff                @@
##             nick/pkits-4.2      #77   +/-   ##
=================================================
  Coverage                  ?   97.96%           
=================================================
  Files                     ?       10           
  Lines                     ?     2308           
  Branches                  ?        0           
=================================================
  Hits                      ?     2261           
  Misses                    ?       47           
  Partials                  ?        0           

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[nick-mobilecoin]

I'm up for suggestions on what else to bring from the RFC to have on hand. I wanted to avoid too much duplication, but also understand it's nice to have some things closer at hand.

[nick-mobilecoin]

I added a task to #50 for the missing prohibited unicode and bidi code points logic

I'm up for suggestions on how to handle these.
The unassigned table is a big concern, https://datatracker.ietf.org/doc/html/rfc3454#appendix-A.1 nesting that directly seems like it will be noisy and hard to maintain.
It maybe that we do something like, caseless, where we have a txt file with the code points listed, and then generate code build time based on it.

bidi could fall into the same camp, they are listed here for unicode 3.2, https://datatracker.ietf.org/doc/html/rfc3454#appendix-D. I look at something like https://github.com/servo/unicode-bidi, but this will likely use a newer unicode. I would vote for using a newer unicode for bidi detection. It may be that the unassigned code points above catch these newer ones so versions past unicode 3.2 may not be a concern

[nick-mobilecoin]

punting on implementing x509 chain parsing logic.