-
Notifications
You must be signed in to change notification settings - Fork 114
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
basic Ia5String support for DistinguishedName values (#182)
This branch adds basic support emitting and parsing distinguished name values that are Ia5Strings. For example, email address attributes in a certificate subject distinguished name. Note that because of #181 this code will panic when emitting invalid Ia5String values. This problem is general to rcgen's handling of ASN.1 string types and so isn't addressed with additional care in this branch. A broader rework is required. Along the way I also fixed a warning from #176 related to where we were defining the custom `profile.dev.package.num-bigint-dig` profile metadata. Resolves #180
- Loading branch information
Showing
4 changed files
with
61 additions
and
55 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -299,3 +299,40 @@ mod test_parse_crl_dps { | |
); | ||
} | ||
} | ||
|
||
#[cfg(feature = "x509-parser")] | ||
mod test_parse_ia5string_subject { | ||
use crate::util; | ||
use rcgen::DnType::CustomDnType; | ||
use rcgen::{Certificate, CertificateParams, DistinguishedName, DnValue, KeyPair}; | ||
|
||
#[test] | ||
fn parse_ia5string_subject() { | ||
// Create and serialize a certificate with a subject containing an IA5String email address. | ||
let email_address_dn_type = CustomDnType(vec![1, 2, 840, 113549, 1, 9, 1]); // id-emailAddress | ||
let email_address_dn_value = DnValue::Ia5String("[email protected]".into()); | ||
let mut params = util::default_params(); | ||
params.distinguished_name = DistinguishedName::new(); | ||
params.distinguished_name.push( | ||
email_address_dn_type.clone(), | ||
email_address_dn_value.clone(), | ||
); | ||
let cert = Certificate::from_params(params).unwrap(); | ||
let cert_der = cert.serialize_der().unwrap(); | ||
|
||
// We should be able to parse the certificate with x509-parser. | ||
assert!(x509_parser::parse_x509_certificate(&cert_der).is_ok()); | ||
|
||
// We should be able to reconstitute params from the DER using x509-parser. | ||
let key_pair = KeyPair::generate(&rcgen::PKCS_ECDSA_P256_SHA256).unwrap(); | ||
let params_from_cert = CertificateParams::from_ca_cert_der(&cert_der, key_pair).unwrap(); | ||
|
||
// We should find the expected distinguished name in the reconstituted params. | ||
let expected_names = &[(&email_address_dn_type, &email_address_dn_value)]; | ||
let names = params_from_cert | ||
.distinguished_name | ||
.iter() | ||
.collect::<Vec<(_, _)>>(); | ||
assert_eq!(names, expected_names); | ||
} | ||
} |