diff --git a/openssl/src/x509/extension.rs b/openssl/src/x509/extension.rs index 7a09ddbc..48a1bc54 100644 --- a/openssl/src/x509/extension.rs +++ b/openssl/src/x509/extension.rs @@ -9,6 +9,7 @@ use x509::{X509v3Context, X509Extension}; /// See the `Extension` documentation for more information on the different /// variants. #[derive(Clone,Hash,PartialEq,Eq)] +#[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub enum ExtensionType { KeyUsage, ExtKeyUsage, @@ -23,6 +24,7 @@ pub enum ExtensionType { /// Only one extension of each type is allow in a certificate. /// See RFC 3280 for more information about extensions. #[derive(Clone)] +#[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub enum Extension { /// The purposes of the key contained in the certificate KeyUsage(Vec), @@ -58,6 +60,7 @@ pub enum Extension { } impl Extension { + #[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub fn get_type(&self) -> ExtensionType { match self { &Extension::KeyUsage(_) => ExtensionType::KeyUsage, @@ -71,6 +74,7 @@ impl Extension { } impl ExtensionType { + #[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub fn get_nid(&self) -> Option { match self { &ExtensionType::KeyUsage => Some(nid::KEY_USAGE), @@ -82,6 +86,7 @@ impl ExtensionType { } } + #[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub fn get_name(&self) -> Option<&str> { match self { &ExtensionType::OtherStr(ref s) => Some(s), @@ -122,6 +127,7 @@ impl ToString for Extension { } #[derive(Clone,Copy)] +#[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub enum KeyUsageOption { DigitalSignature, NonRepudiation, @@ -151,6 +157,7 @@ impl fmt::Display for KeyUsageOption { } #[derive(Clone)] +#[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub enum ExtKeyUsageOption { ServerAuth, ClientAuth, @@ -187,6 +194,7 @@ impl fmt::Display for ExtKeyUsageOption { } #[derive(Clone, Copy)] +#[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub enum AltNameOption { /// The value is specified as OID;content. See `man ASN1_generate_nconf` for more information on the content syntax. /// diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs index 402e17d4..8ee82b98 100644 --- a/openssl/src/x509/mod.rs +++ b/openssl/src/x509/mod.rs @@ -1,3 +1,4 @@ +#![allow(deprecated)] use libc::{c_int, c_long}; use std::borrow::Borrow; use std::cmp; @@ -89,31 +90,7 @@ impl X509StoreContextRef { } } -#[allow(non_snake_case)] -/// Generator of private key/certificate pairs -/// -/// # Example -/// -/// ``` -/// use openssl::hash::MessageDigest; -/// use openssl::pkey::PKey; -/// use openssl::rsa::Rsa; -/// use openssl::x509::X509Generator; -/// use openssl::x509::extension::{Extension, KeyUsageOption}; -/// -/// let rsa = Rsa::generate(2048).unwrap(); -/// let pkey = PKey::from_rsa(rsa).unwrap(); -/// -/// let gen = X509Generator::new() -/// .set_valid_period(365*2) -/// .add_name("CN".to_owned(), "SuperMegaCorp Inc.".to_owned()) -/// .set_sign_hash(MessageDigest::sha256()) -/// .add_extension(Extension::KeyUsage(vec![KeyUsageOption::DigitalSignature])); -/// -/// let cert = gen.sign(&pkey).unwrap(); -/// let cert_pem = cert.to_pem().unwrap(); -/// let pkey_pem = pkey.private_key_to_pem().unwrap(); -/// ``` +#[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub struct X509Generator { days: u32, names: Vec<(String, String)>, @@ -121,6 +98,7 @@ pub struct X509Generator { hash_type: MessageDigest, } +#[allow(deprecated)] impl X509Generator { /// Creates a new generator with the following defaults: /// @@ -129,6 +107,7 @@ impl X509Generator { /// CN: "rust-openssl" /// /// hash: SHA1 + #[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub fn new() -> X509Generator { X509Generator { days: 365, @@ -139,6 +118,7 @@ impl X509Generator { } /// Sets certificate validity period in days since today + #[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub fn set_valid_period(mut self, days: u32) -> X509Generator { self.days = days; self @@ -150,6 +130,7 @@ impl X509Generator { /// # let generator = openssl::x509::X509Generator::new(); /// generator.add_name("CN".to_string(),"example.com".to_string()); /// ``` + #[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub fn add_name(mut self, attr_type: String, attr_value: String) -> X509Generator { self.names.push((attr_type, attr_value)); self @@ -161,6 +142,7 @@ impl X509Generator { /// # let generator = openssl::x509::X509Generator::new(); /// generator.add_names(vec![("CN".to_string(),"example.com".to_string())]); /// ``` + #[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub fn add_names(mut self, attrs: I) -> X509Generator where I: IntoIterator { @@ -179,6 +161,7 @@ impl X509Generator { /// # let generator = openssl::x509::X509Generator::new(); /// generator.add_extension(KeyUsage(vec![DigitalSignature, KeyEncipherment])); /// ``` + #[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub fn add_extension(mut self, ext: extension::Extension) -> X509Generator { self.extensions.add(ext); self @@ -195,6 +178,7 @@ impl X509Generator { /// # let generator = openssl::x509::X509Generator::new(); /// generator.add_extensions(vec![KeyUsage(vec![DigitalSignature, KeyEncipherment])]); /// ``` + #[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub fn add_extensions(mut self, exts: I) -> X509Generator where I: IntoIterator { @@ -205,12 +189,14 @@ impl X509Generator { self } + #[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub fn set_sign_hash(mut self, hash_type: MessageDigest) -> X509Generator { self.hash_type = hash_type; self } /// Sets the certificate public-key, then self-sign and return it + #[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub fn sign(&self, p_key: &PKeyRef) -> Result { let mut builder = try!(X509::builder()); try!(builder.set_version(2)); @@ -262,6 +248,7 @@ impl X509Generator { } /// Obtain a certificate signing request (CSR) + #[deprecated(since = "0.9.1", note = "use X509Builder and X509ReqBuilder instead")] pub fn request(&self, p_key: &PKeyRef) -> Result { let cert = match self.sign(p_key) { Ok(c) => c,