min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add functions to X509Req to obtain public key and extensions 

This allows for basic CSR signing.
This commit is contained in:
René Richter 2018-04-21 09:44:49 +02:00
parent 6b1edf5625
commit 5bb89d7552
3 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
openssl-sys/src/lib.rs
View File

@ -2741,8 +2741,10 @@ extern "C" {
pub fn X509_REQ_set_version(req: *mut X509_REQ, version: c_long) -> c_int; pub fn X509_REQ_set_version(req: *mut X509_REQ, version: c_long) -> c_int;
pub fn X509_REQ_set_subject_name(req: *mut X509_REQ, name: *mut X509_NAME) -> c_int; pub fn X509_REQ_set_subject_name(req: *mut X509_REQ, name: *mut X509_NAME) -> c_int;
pub fn X509_REQ_set_pubkey(req: *mut X509_REQ, pkey: *mut EVP_PKEY) -> c_int; pub fn X509_REQ_set_pubkey(req: *mut X509_REQ, pkey: *mut EVP_PKEY) -> c_int;
pub fn X509_REQ_get_pubkey(req: *mut X509_REQ) -> *mut EVP_PKEY;
pub fn X509_REQ_add_extensions(req: *mut X509_REQ, exts: *mut stack_st_X509_EXTENSION) pub fn X509_REQ_add_extensions(req: *mut X509_REQ, exts: *mut stack_st_X509_EXTENSION)
-> c_int; -> c_int;
pub fn X509_REQ_get_extensions(req: *mut X509_REQ) -> *mut stack_st_X509_EXTENSION;
pub fn X509_REQ_sign(x: *mut X509_REQ, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int; pub fn X509_REQ_sign(x: *mut X509_REQ, pkey: *mut EVP_PKEY, md: *const EVP_MD) -> c_int;
#[cfg(not(ossl101))] #[cfg(not(ossl101))]

22
openssl/src/x509/mod.rs
View File

@ -1069,6 +1069,28 @@ impl X509ReqRef {
X509NameRef::from_ptr(name) X509NameRef::from_ptr(name)
} }
} }
/// Returns the public key of the certificate request.
///
/// This corresponds to [`X509_REQ_get_pubkey"]
///
/// [`X509_REQ_get_pubkey`]: https://www.openssl.org/docs/man1.1.0/crypto/X509_REQ_get_pubkey.html
pub fn public_key(&self) -> Result<PKey<Public>, ErrorStack> {
unsafe {
let key = cvt_p(ffi::X509_REQ_get_pubkey(self.as_ptr()))?;
Ok(PKey::from_ptr(key))
}
}
/// Returns the extensions of the certificate request.
///
/// This corresponds to [`X509_REQ_get_extensions"]
pub fn extensions(&self) -> Result<Stack<X509Extension>, ErrorStack> {
unsafe {
let extensions = cvt_p(ffi::X509_REQ_get_extensions(self.as_ptr()))?;
Ok(Stack::from_ptr(extensions))
}
}
} }
/// The result of peer certificate verification. /// The result of peer certificate verification.

4
openssl/src/x509/tests.rs
View File

@ -234,6 +234,10 @@ fn x509_req_builder() {
builder.add_extensions(&extensions).unwrap(); builder.add_extensions(&extensions).unwrap();
builder.sign(&pkey, MessageDigest::sha256()).unwrap(); builder.sign(&pkey, MessageDigest::sha256()).unwrap();
let req = builder.build();
assert!(req.public_key().unwrap().public_eq(&pkey));
assert_eq!(req.extensions().unwrap().len(), extensions.len());
} }
#[test] #[test]