Rustls-cert-gen support basic parameters #185
Codecov Report
@@ Coverage Diff @@
## main #185 +/- ##
==========================================
+ Coverage 72.86% 76.80% +3.93%
==========================================
Files 7 13 +6
Lines 1861 2259 +398
==========================================
+ Hits 1356 1735 +379
- Misses 505 524 +19
... and 3 files with indirect coverage changes
This is a partial review. I'm happy with trying out non-clap options for CLI arg parsing, we can always switch to clap later.
rustls-cert-gen/src/args.rs (outdated):
pub output: PathBuf,
/// Persist ca signing-key to `output` dir
#[bpaf(long, switch)]
pub insecure: bool,
I'm not sure about calling this mode "insecure" or not doing it by default (IMO it should by default emit all files, including the signing key)
I am happy to change it, but I would like to share my thought process first. I think the signing key is only useful for "advanced" usage. Namely, as input to another tool (or a possible future iteration of this one) to sign more certificates. Someone looking for a quick way to generate certificates for a TLS connection won't need it. I think such a person might also be less likely to have a complete grasp of the why and wherefore of all the files. They might also be less informed about secure practices for key management and the implications of leaking the signing key of their ad-hoc certificate-authority. That's how I came to naming the switch `insecure`. So the idea was to make it easy for those that want something easy and provide a path to more advanced usage for those that know what they are doing.
I don't like the name here because it doesn't feel like persisting a private key to disk is inherently "insecure". Unless we have functionality for generating new certificates that are signed with an existing on-disk CA private key, I'm not sure it makes sense to persist the CA private key to disk because it'll be relatively hard to use for anything. Adding such functionality (to sign with a persisted CA private key) makes sense to me and probably shouldn't be too hard, but also probably doesn't need to be in this PR.
IMO it makes sense to have the key around even if such a functionality doesn't exist yet, as then the key is around once we add that functionality, instead of being lost.
And yeah, full agree, persisting a private key to disk is not inherently insecure. This is a tool in the end, and yeah if you deploy the CA into a root store then the private key becomes very powerful. But that's up to the users.
OK, `--secure` switch was removed in latest commit and all files will always be persisted.
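Since the outcome of this thread is that the tool always writes the CA signing key next to the certificates, here is an added example (not code from this PR or from rcgen) of how a generator can persist that key without the two common slips: an owner-only mode applied at creation rather than after the fact, and a refusal to overwrite a key file that already exists. It assumes a Unix host (the `mode` and `PermissionsExt` calls are Unix-only); the output directory name and the PEM bodies are constructed placeholders, not real key material.

```rust
use std::fs::{self, OpenOptions};
use std::io::{self, Write};
use std::os::unix::fs::{OpenOptionsExt, PermissionsExt};
use std::path::{Path, PathBuf};

/// Persist private-key PEM to `dir/name` (Unix-only: relies on mode bits).
/// `create_new` makes the open fail if the file already exists, so a re-run
/// cannot silently replace a CA key that may already be trusted somewhere.
/// `mode(0o600)` is applied at creation time, so the file is never briefly
/// readable by group/others under the usual 022 umask.
pub fn write_private_key(dir: &Path, name: &str, pem: &str) -> io::Result<PathBuf> {
    let path = dir.join(name);
    let mut file = OpenOptions::new()
        .write(true)
        .create_new(true)
        .mode(0o600)
        .open(&path)?;
    file.write_all(pem.as_bytes())?;
    file.sync_all()?;
    Ok(path)
}

/// Certificates are public, so the default mode is fine for them.
pub fn write_certificate(dir: &Path, name: &str, pem: &str) -> io::Result<PathBuf> {
    let path = dir.join(name);
    fs::write(&path, pem)?;
    Ok(path)
}

/// Permission bits of `path` (mode & 0o777), so a caller can verify the output.
pub fn mode_bits(path: &Path) -> io::Result<u32> {
    Ok(fs::metadata(path)?.permissions().mode() & 0o777)
}

fn main() -> io::Result<()> {
    // Constructed output directory; a real tool would take this from `--output`.
    let out = std::env::temp_dir().join(format!("cert-gen-example-{}", std::process::id()));
    fs::create_dir_all(&out)?;
    // Constructed placeholder PEM bodies; a real tool serializes the generated key and cert.
    let key = write_private_key(
        &out,
        "ca.key.pem",
        "-----BEGIN PRIVATE KEY-----\nPLACEHOLDER\n-----END PRIVATE KEY-----\n",
    )?;
    let cert = write_certificate(
        &out,
        "ca.pem",
        "-----BEGIN CERTIFICATE-----\nPLACEHOLDER\n-----END CERTIFICATE-----\n",
    )?;
    println!("{} mode {:o}", key.display(), mode_bits(&key)?);
    println!("{} mode {:o}", cert.display(), mode_bits(&cert)?);
    Ok(())
}
```

Running it twice against the same directory fails on the second run with an "already exists" error, which is the intended behaviour: a user who wants a fresh CA should delete the old key deliberately rather than have the tool do it.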
rustls-cert-gen/src/args.rs (outdated):
fn parse_sans(hosts: Vec<String>) -> Vec<SanType> {
    hosts
        .into_iter()
        .map(|s| s.to_string())
This isn't needed if you make `parse_san` take a `&str` instead of `String`.
In that case I think we would need something like `.iter().map(|s| parse_san(s))`. The function call is needed to get the `&str` (I think). But it turns out that `s.to_string()` was unnecessary even without changing the signature. So I just removed that line in the latest commit.
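An added example, not code from this PR or from rcgen, of the `&str` signature discussed in this thread: `parse_san` takes `&str`, so `parse_sans` can map over `hosts.iter()` and pass each `&String` straight through by deref coercion, with no `to_string()` copy. The `SanType` enum here is a two-variant stand-in (an assumption; rcgen's real enum has more variants and different payloads). It also goes a little beyond the snippet above: an IP literal is routed to the iPAddress variant and a hostname gets a basic syntax check, so a mistyped `--san` value fails at parse time instead of ending up in a certificate that no client will match.

```rust
use std::net::IpAddr;

/// Stand-in for rcgen's `SanType` (assumption for this example only).
#[derive(Debug, PartialEq)]
pub enum SanType {
    DnsName(String),
    IpAddress(IpAddr),
}

/// Why a `--san` value was rejected.
#[derive(Debug, PartialEq)]
pub enum SanError {
    Empty,
    BadDnsName(String),
}

/// Parse one `--san` value. Taking `&str` lets the caller pass a `&String`
/// (deref coercion) or a literal without allocating a copy.
pub fn parse_san(host: &str) -> Result<SanType, SanError> {
    let host = host.trim();
    if host.is_empty() {
        return Err(SanError::Empty);
    }
    // An IP literal belongs in an iPAddress SAN, not in dNSName: a client
    // connecting to an IP matches it only against iPAddress entries.
    if let Ok(ip) = host.parse::<IpAddr>() {
        return Ok(SanType::IpAddress(ip));
    }
    // Basic hostname syntax: at most 253 chars; labels of 1..=63 chars from
    // [A-Za-z0-9-] that do not start or end with '-'; a leading "*" label is
    // accepted as a wildcard. A trailing dot (FQDN form) is dropped.
    let name = host.strip_suffix('.').unwrap_or(host);
    if name.len() > 253 {
        return Err(SanError::BadDnsName(host.to_string()));
    }
    for (i, label) in name.split('.').enumerate() {
        if i == 0 && label == "*" && name.len() > 1 {
            continue;
        }
        let ok = !label.is_empty()
            && label.len() <= 63
            && !label.starts_with('-')
            && !label.ends_with('-')
            && label.chars().all(|c| c.is_ascii_alphanumeric() || c == '-');
        if !ok {
            return Err(SanError::BadDnsName(host.to_string()));
        }
    }
    Ok(SanType::DnsName(name.to_string()))
}

/// Parse every `--san` value. `hosts.iter()` yields `&String`, which coerces
/// to `&str` at the call, so no per-element `to_string()` is needed. The
/// first invalid entry aborts the run rather than silently dropping a name.
pub fn parse_sans(hosts: &[String]) -> Result<Vec<SanType>, SanError> {
    hosts.iter().map(|s| parse_san(s)).collect()
}

fn main() {
    // Constructed sample input standing in for CLI arguments.
    let args: Vec<String> = ["localhost", "127.0.0.1", "*.example.test"]
        .iter()
        .map(|s| s.to_string())
        .collect();
    match parse_sans(&args) {
        Ok(sans) => sans.iter().for_each(|s| println!("{s:?}")),
        Err(e) => eprintln!("invalid --san value: {e:?}"),
    }
}
```

The `collect()` into `Result<Vec<_>, _>` is what turns the per-element results into a single all-or-nothing outcome; that is the behaviour a CLI wants here, since a certificate silently missing one of the requested names is harder to notice than a parse error.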
faaee63 to a28ad7e
Just leaving a comment to say I haven't forgotten this PR. I'll try and give it a review pass in the next day or two. Thanks!
Thanks @tbro. I had a fair amount of feedback, but I don't think any of it is particularly complex. LMK what you think.
Thanks for being thorough. Unless I missed something, I've taken all of your suggestions except one. I don't think we can simply derive
Double checking and I definitely did miss a few comments, I should be able to address the rest tomorrow.
Thanks for working on this! IMO it would be good to clean up the commit history a bit (or split into separate PRs) to make this easier to review. In particular, here are some logical chunks of changes I'm seeing:
I'm surprised I also think right now the module sizes in rustls-cert-gen are so small as to make the code harder to follow. In particular, IMO the contents of the Personally I'm not fond of
I can easily squash the history, so I'll start with that. While I generally agree that having small PRs is easier to review, I think this might be an exception to that rule. Sure, we can have a couple of tiny PRs like those you mention, but there is still going to be a huge one with all the "beef". Also, I think it is fairly common to initialize new crates with a README, so splitting that off doesn't make much sense to me. Also moving the former
I disagree that having a few very large files is easier to follow than having smaller dedicated modules. Possibly it is related to choice of IDE? I have certainly seen both styles employed by different crates. But I am happy to conform to the preferred style of this team, which I take to be what you have outlined here.
Given these choices, I would reach for anyhow. Does anyone disagree with this?
Add basic functionality for rustls-cert-gen This commit adds basic functionality for rustls-cert-gen crate. A small wrapper library has been added in order to organize code into small modules and to provide a simple API that can easily be updated as new functionality is added in the future. There are some rough edges, some missing documentation for example. But I hope to get the broader structure approved before refining the documentation. Several parameters have been added with the idea of supporting a broad range of use-cases and test expectations around design and maintainability. The easiest way to view currently supported options is with `cargo run -- --help`. Closes rustls#175
96dd493 to 871d554
There is blank_lines_lower_bound but that puts a new line even between every line within a method.
split off from rustls#185
Adds a README.md to `rustls-cert-gen`. It was split off from rustls#185.
This is basically rustls#185 minus rustls#188 and rustls#189. The structure also differs as sub modules have been inlined in `main.rs` and `cert.rs`. `anyhow` has also been added as a dependency to replace the `Result` alias. Closes rustls#175
split off from rustls#185 and make some minor changes. * remove inconsistent use of `sys::fs` * remove `&` when on file writes * remove clippy declaration at top of example
This is basically rustls#185 minus rustls#188 and rustls#189. The structure also differs as sub modules have been inlined in `main.rs` and `cert.rs`. `anyhow` has also been added as a dependency to replace the `Result` alias. Closes rustls#175 includes review fixes such as: * remove top-level rsa dependency * inline parse_san * Check for presence of EKU before pushing. * Replace `struct Signature` struct w/ `enum KeypairAlgorithm` * update some doc strings
This is basically rustls#185 minus rustls#188 and rustls#189. The structure also differs as sub modules have been inlined in `main.rs` and `cert.rs`. `anyhow` has also been added as a dependency to replace the `Result` alias. Closes rustls#175 includes review fixes such as: * remove top-level rsa dependency * inline parse_san * Check for presence of EKU before pushing. * Replace `struct Signature` struct w/ `enum KeypairAlgorithm` * update some doc strings * make EndEntity and Ca public so they appear in the docs
This takes what was formerly `rcgen/src/main.rs` and moves it to the examples folder as `simple.rs`. It was split off from #185 Co-authored-by: tbro <[email protected]>
This is basically rustls#185 minus rustls#188 and rustls#189. The structure also differs as sub modules have been inlined in `main.rs` and `cert.rs`. `anyhow` has also been added as a dependency to replace the `Result` alias. Closes rustls#175 includes review fixes such as: * remove top-level rsa dependency * inline parse_san * Check for presence of EKU before pushing. * Replace `struct Signature` struct w/ `enum KeypairAlgorithm` * update some doc strings * make EndEntity and Ca public so they appear in the docs * additional test cases
This is basically #185 minus #188 and #189. The structure also differs as sub modules have been inlined in `main.rs` and `cert.rs`. `anyhow` has also been added as a dependency to replace the `Result` alias. Closes #175 --------- Co-authored-by: tbro <[email protected]>