From e367567d00cdbd6b12906a424971146f6c3eea28 Mon Sep 17 00:00:00 2001
From: Jethro Beekman <jethro@jbeekman.nl>
Date: Tue, 30 Jun 2015 22:37:49 -0700
Subject: [PATCH] Add arbitrary X509 extensions by NID

---
 openssl/src/x509/extension.rs | 5 +++++
 openssl/src/x509/tests.rs     | 5 +++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/openssl/src/x509/extension.rs b/openssl/src/x509/extension.rs
index 66b218ad..4576ad1a 100644
--- a/openssl/src/x509/extension.rs
+++ b/openssl/src/x509/extension.rs
@@ -5,12 +5,14 @@ use nid::Nid;
 pub enum ExtensionType {
 	KeyUsage,
 	ExtKeyUsage,
+	OtherNid(Nid),
 }
 
 #[derive(Clone)]
 pub enum Extension {
 	KeyUsage(Vec<KeyUsageOption>),
 	ExtKeyUsage(Vec<ExtKeyUsageOption>),
+	OtherNid(Nid,String),
 }
 
 impl Extension {
@@ -18,6 +20,7 @@ impl Extension {
 		match self {
 			&Extension::KeyUsage(_) => ExtensionType::KeyUsage,
 			&Extension::ExtKeyUsage(_) => ExtensionType::ExtKeyUsage,
+			&Extension::OtherNid(nid,_) => ExtensionType::OtherNid(nid),
 		}
 	}
 
@@ -25,6 +28,7 @@ impl Extension {
 		match self {
 			&Extension::KeyUsage(_) => Nid::KeyUsage,
 			&Extension::ExtKeyUsage(_) => Nid::ExtendedKeyUsage,
+			&Extension::OtherNid(nid,_) => nid,
 		}
 	}
 }
@@ -44,6 +48,7 @@ impl ToString for Extension {
 		match self {
 			&Extension::KeyUsage(ref purposes) => join(purposes.iter(),","),
 			&Extension::ExtKeyUsage(ref purposes) => join(purposes.iter(),","),
+			&Extension::OtherNid(_,ref value) => value.clone(),
 		}
     }
 }
diff --git a/openssl/src/x509/tests.rs b/openssl/src/x509/tests.rs
index 806bc671..0061453c 100644
--- a/openssl/src/x509/tests.rs
+++ b/openssl/src/x509/tests.rs
@@ -5,7 +5,7 @@ use std::fs::File;
 
 use crypto::hash::Type::{SHA256};
 use x509::{X509, X509Generator};
-use x509::extension::Extension::{KeyUsage,ExtKeyUsage};
+use x509::extension::Extension::{KeyUsage,ExtKeyUsage,OtherNid};
 use x509::extension::KeyUsageOption::{DigitalSignature, KeyEncipherment};
 use x509::extension::ExtKeyUsageOption::{self, ClientAuth, ServerAuth};
 use nid::Nid;
@@ -18,7 +18,8 @@ fn test_cert_gen() {
         .set_CN("test_me")
         .set_sign_hash(SHA256)
         .add_extension(KeyUsage(vec![DigitalSignature, KeyEncipherment]))
-        .add_extension(ExtKeyUsage(vec![ClientAuth, ServerAuth, ExtKeyUsageOption::Other("2.999".to_owned())]));
+        .add_extension(ExtKeyUsage(vec![ClientAuth, ServerAuth, ExtKeyUsageOption::Other("2.999".to_owned())]))
+        .add_extension(OtherNid(Nid::BasicConstraints,"critical,CA:TRUE".to_owned()));
 
     let (cert, pkey) = gen.generate().unwrap();
     cert.write_pem(&mut io::sink()).unwrap();