Merge pull request #568 from mredlek/x509_req_version_subject

X509 request information
Steven Fackler 2017-02-11 09:34:24 -08:00 committed by GitHub
commit 3a0d24f729
7 changed files with 113 additions and 3 deletions


@ -53,7 +53,6 @@ pub enum X509_CRL {}
pub enum X509_EXTENSION {} pub enum X509_EXTENSION {}
pub enum X509_NAME {} pub enum X509_NAME {}
pub enum X509_NAME_ENTRY {} pub enum X509_NAME_ENTRY {}
pub enum X509_REQ {}
pub enum X509_STORE {} pub enum X509_STORE {}
pub enum X509_STORE_CTX {} pub enum X509_STORE_CTX {}
pub enum bio_st {} pub enum bio_st {}
@ -1404,6 +1403,7 @@ extern {
pub fn AES_set_decrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int; pub fn AES_set_decrypt_key(userKey: *const c_uchar, bits: c_int, key: *mut AES_KEY) -> c_int;
pub fn AES_ige_encrypt(in_: *const c_uchar, out: *mut c_uchar, length: size_t, key: *const AES_KEY, ivec: *mut c_uchar, enc: c_int); pub fn AES_ige_encrypt(in_: *const c_uchar, out: *mut c_uchar, length: size_t, key: *const AES_KEY, ivec: *mut c_uchar, enc: c_int);
pub fn ASN1_INTEGER_get(dest: *const ASN1_INTEGER) -> c_long;
pub fn ASN1_INTEGER_set(dest: *mut ASN1_INTEGER, value: c_long) -> c_int; pub fn ASN1_INTEGER_set(dest: *mut ASN1_INTEGER, value: c_long) -> c_int;
pub fn ASN1_GENERALIZEDTIME_free(tm: *mut ASN1_GENERALIZEDTIME); pub fn ASN1_GENERALIZEDTIME_free(tm: *mut ASN1_GENERALIZEDTIME);
pub fn ASN1_GENERALIZEDTIME_print(b: *mut BIO, tm: *const ASN1_GENERALIZEDTIME) -> c_int; pub fn ASN1_GENERALIZEDTIME_print(b: *mut BIO, tm: *const ASN1_GENERALIZEDTIME) -> c_int;
@ -1945,6 +1945,8 @@ extern {
pub fn ASN1_STRING_free(x: *mut ASN1_STRING); pub fn ASN1_STRING_free(x: *mut ASN1_STRING);
pub fn ASN1_STRING_length(x: *const ASN1_STRING) -> c_int; pub fn ASN1_STRING_length(x: *const ASN1_STRING) -> c_int;
pub fn ASN1_INTEGER_free(x: *mut ASN1_INTEGER);
pub fn X509_STORE_new() -> *mut X509_STORE; pub fn X509_STORE_new() -> *mut X509_STORE;
pub fn X509_STORE_free(store: *mut X509_STORE); pub fn X509_STORE_free(store: *mut X509_STORE);
pub fn X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int; pub fn X509_STORE_add_cert(store: *mut X509_STORE, x: *mut X509) -> c_int;
@ -1960,6 +1962,9 @@ extern {
pub fn X509_REQ_add_extensions(req: *mut X509_REQ, exts: *mut stack_st_X509_EXTENSION) -> c_int; pub fn X509_REQ_add_extensions(req: *mut X509_REQ, exts: *mut stack_st_X509_EXTENSION) -> c_int;
pub fn X509_REQ_sign(x: *mut X509_REQ, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int; pub fn X509_REQ_sign(x: *mut X509_REQ, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int;
pub fn X509_REQ_set_version(x: *mut X509_REQ, version: c_long) -> c_int;
pub fn X509_REQ_set_subject_name(req: *mut X509_REQ, name: *mut ::X509_NAME) -> c_int;
#[cfg(not(ossl101))] #[cfg(not(ossl101))]
pub fn X509_VERIFY_PARAM_free(param: *mut X509_VERIFY_PARAM); pub fn X509_VERIFY_PARAM_free(param: *mut X509_VERIFY_PARAM);


@ -304,6 +304,23 @@ pub struct X509_VAL {
pub notAfter: *mut ::ASN1_TIME, pub notAfter: *mut ::ASN1_TIME,
} }
#[repr(C)]
pub struct X509_REQ_INFO {
pub enc: ASN1_ENCODING,
pub version: *mut ::ASN1_INTEGER,
pub subject: *mut ::X509_NAME,
pubkey: *mut c_void,
pub attributes: *mut stack_st_X509_ATTRIBUTE
}
#[repr(C)]
pub struct X509_REQ {
pub req_info: *mut X509_REQ_INFO,
sig_alg: *mut c_void,
signature: *mut c_void,
references: c_int
}
#[repr(C)] #[repr(C)]
pub struct SSL { pub struct SSL {
version: c_int, version: c_int,
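Review bot: `X509_REQ_INFO` and `X509_REQ` are hand-written mirrors of the C library's struct layout, and nothing in the hunk says so or records which header and library version they were copied from. The compat shims added in this commit read `(*(*x).req_info).version` and `(*(*x).req_info).subject` through these definitions, so a missing, reordered or mistyped field becomes an invalid memory read at run time rather than a compile error. I would put a comment above each struct, for example `// Mirrors the C definition of X509_REQ_INFO; field order and types must match the linked library exactly.` It is also worth reconsidering the `pub` on `req_info`, `version`, `subject` and `attributes`, since public raw-pointer fields let downstream crates bypass the accessor functions. The same applies to the identical pair of structs in the next file section.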


@ -311,6 +311,23 @@ pub struct X509_VAL {
pub notAfter: *mut ::ASN1_TIME, pub notAfter: *mut ::ASN1_TIME,
} }
#[repr(C)]
pub struct X509_REQ_INFO {
pub enc: ASN1_ENCODING,
pub version: *mut ::ASN1_INTEGER,
pub subject: *mut ::X509_NAME,
pubkey: *mut c_void,
pub attributes: *mut stack_st_X509_ATTRIBUTE
}
#[repr(C)]
pub struct X509_REQ {
pub req_info: *mut X509_REQ_INFO,
sig_alg: *mut c_void,
signature: *mut c_void,
references: c_int
}
#[repr(C)] #[repr(C)]
pub struct SSL { pub struct SSL {
version: c_int, version: c_int,


@ -28,6 +28,7 @@ pub enum stack_st_SSL_CIPHER {}
pub enum X509 {} pub enum X509 {}
pub enum X509_ALGOR {} pub enum X509_ALGOR {}
pub enum X509_VERIFY_PARAM {} pub enum X509_VERIFY_PARAM {}
pub enum X509_REQ {}
pub const SSL_OP_MICROSOFT_SESS_ID_BUG: c_ulong = 0x00000000; pub const SSL_OP_MICROSOFT_SESS_ID_BUG: c_ulong = 0x00000000;
pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: c_ulong = 0x00000000; pub const SSL_OP_NETSCAPE_CHALLENGE_BUG: c_ulong = 0x00000000;
@ -195,4 +196,6 @@ extern {
iter: c_int, iter: c_int,
mac_iter: c_int, mac_iter: c_int,
keytype: c_int) -> *mut PKCS12; keytype: c_int) -> *mut PKCS12;
pub fn X509_REQ_get_version(req: *const X509_REQ) -> c_long;
pub fn X509_REQ_get_subject_name(req: *const X509_REQ) -> *mut ::X509_NAME;
} }


@ -94,6 +94,29 @@ impl Asn1StringRef {
} }
} }
foreign_type! {
type CType = ffi::ASN1_INTEGER;
fn drop = ffi::ASN1_INTEGER_free;
pub struct Asn1Integer;
pub struct Asn1IntegerRef;
}
impl Asn1IntegerRef {
pub fn get(&self) -> i64 {
unsafe {
::ffi::ASN1_INTEGER_get(self.as_ptr()) as i64
}
}
pub fn set(&mut self, value: i32) -> Result<(), ErrorStack>
{
unsafe {
cvt(::ffi::ASN1_INTEGER_set(self.as_ptr(), value as c_long)).map(|_| ())
}
}
}
foreign_type! { foreign_type! {
type CType = ffi::ASN1_BIT_STRING; type CType = ffi::ASN1_BIT_STRING;
fn drop = ffi::ASN1_BIT_STRING_free; fn drop = ffi::ASN1_BIT_STRING_free;
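Review bot: `Asn1IntegerRef::get` passes the result of `ASN1_INTEGER_get` straight through, and that C function reports failure in-band. OpenSSL documents a return of -1 when the value does not fit in a `long`, which cannot be told apart from a stored -1; older releases may use a different sentinel. ASN.1 integers such as certificate serial numbers are often wider than 64 bits, so a caller comparing `get()` results could treat distinct values as equal. At minimum the method needs a doc comment saying so, for example `/// Returns the value as an i64. Integers that do not fit in a C long yield the library's error sentinel, so do not use this to compare large values such as serial numbers.` `get` and `set` also disagree on width (`i64` out, `i32` in), and neither has a doc comment explaining why.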


@ -649,6 +649,34 @@ impl X509Req {
impl X509ReqRef { impl X509ReqRef {
to_pem!(ffi::PEM_write_bio_X509_REQ); to_pem!(ffi::PEM_write_bio_X509_REQ);
to_der!(ffi::i2d_X509_REQ); to_der!(ffi::i2d_X509_REQ);
pub fn version(&self) -> i32
{
unsafe {
compat::X509_REQ_get_version(self.as_ptr()) as i32
}
}
pub fn set_version(&mut self, value: i32) -> Result<(), ErrorStack>
{
unsafe {
cvt(ffi::X509_REQ_set_version(self.as_ptr(), value as c_long)).map(|_| ())
}
}
pub fn subject_name(&self) -> &X509NameRef {
unsafe {
let name = compat::X509_REQ_get_subject_name(self.as_ptr());
assert!(!name.is_null());
X509NameRef::from_ptr(name)
}
}
pub fn set_subject_name(&mut self, value: &X509NameRef) -> Result<(), ErrorStack> {
unsafe {
cvt(ffi::X509_REQ_set_subject_name(self.as_ptr(), value.as_ptr())).map(|_| ())
}
}
} }
/// A collection of X.509 extensions. /// A collection of X.509 extensions.
@ -846,6 +874,8 @@ mod compat {
pub use ffi::X509_getm_notBefore as X509_get_notBefore; pub use ffi::X509_getm_notBefore as X509_get_notBefore;
pub use ffi::X509_up_ref; pub use ffi::X509_up_ref;
pub use ffi::X509_get0_extensions; pub use ffi::X509_get0_extensions;
pub use ffi::X509_REQ_get_version;
pub use ffi::X509_REQ_get_subject_name;
pub use ffi::X509_get0_signature; pub use ffi::X509_get0_signature;
pub use ffi::X509_ALGOR_get0; pub use ffi::X509_ALGOR_get0;
} }
@ -882,6 +912,16 @@ mod compat {
} }
} }
pub unsafe fn X509_REQ_get_version(x: *mut ffi::X509_REQ) -> ::libc::c_long
{
::ffi::ASN1_INTEGER_get((*(*x).req_info).version)
}
pub unsafe fn X509_REQ_get_subject_name(x: *mut ffi::X509_REQ) -> *mut ::ffi::X509_NAME
{
(*(*x).req_info).subject
}
pub unsafe fn X509_get0_signature(psig: *mut *const ffi::ASN1_BIT_STRING, pub unsafe fn X509_get0_signature(psig: *mut *const ffi::ASN1_BIT_STRING,
palg: *mut *const ffi::X509_ALGOR, palg: *mut *const ffi::X509_ALGOR,
x: *const ffi::X509) { x: *const ffi::X509) {
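Review bot: `X509ReqRef::version` narrows the `c_long` from `X509_REQ_get_version` with `as i32`, which silently truncates where `c_long` is 64 bits. A request parsed from untrusted PEM or DER whose version INTEGER is a multiple of 2^32 would then report 0, so a caller checking `version() == 0` could accept a malformed request. I would keep the full width as `Asn1IntegerRef::get` does in this same commit: declare `pub fn version(&self) -> i64` and cast with `as i64`, or use a checked conversion and return an error. The four new methods also lack doc comments; `version` in particular should say it returns the raw encoded value, where 0 means a version 1 request. A smaller consistency point: the shims in the last hunk take `x: *mut ffi::X509_REQ`, while the declarations added for the newer library take `*const X509_REQ`.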


@ -6,7 +6,7 @@ use nid::X9_62_PRIME256V1;
use pkey::PKey; use pkey::PKey;
use rsa::Rsa; use rsa::Rsa;
use ssl::{SslMethod, SslContextBuilder}; use ssl::{SslMethod, SslContextBuilder};
use x509::{X509, X509Generator}; use x509::{X509, X509Generator, X509Req};
use x509::extension::Extension::{KeyUsage, ExtKeyUsage, SubjectAltName, OtherNid, OtherStr}; use x509::extension::Extension::{KeyUsage, ExtKeyUsage, SubjectAltName, OtherNid, OtherStr};
use x509::extension::AltNameOption as SAN; use x509::extension::AltNameOption as SAN;
use x509::extension::KeyUsageOption::{DigitalSignature, KeyEncipherment}; use x509::extension::KeyUsageOption::{DigitalSignature, KeyEncipherment};
@ -75,7 +75,12 @@ fn test_req_gen() {
let pkey = pkey(); let pkey = pkey();
let req = get_generator().request(&pkey).unwrap(); let req = get_generator().request(&pkey).unwrap();
req.to_pem().unwrap(); let reqpem = req.to_pem().unwrap();
let req = X509Req::from_pem(&reqpem).ok().expect("Failed to load PEM");
let cn = (*req).subject_name().entries_by_nid(nid::COMMONNAME).next().unwrap();
assert_eq!(0, (*req).version());
assert_eq!(cn.data().as_slice(), b"test_me");
// FIXME: check data in result to be correct, needs implementation // FIXME: check data in result to be correct, needs implementation
// of X509_REQ getters // of X509_REQ getters