min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add arbitrary X509 extensions by NID

This commit is contained in:
Jethro Beekman 2015-06-30 22:37:49 -07:00
parent 2fa1344367
commit e367567d00
2 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
openssl/src/x509/extension.rs
View File

@ -5,12 +5,14 @@ use nid::Nid;
pub enum ExtensionType {
KeyUsage,
ExtKeyUsage,
OtherNid(Nid),
}
#[derive(Clone)]
pub enum Extension {
KeyUsage(Vec<KeyUsageOption>),
ExtKeyUsage(Vec<ExtKeyUsageOption>),
OtherNid(Nid,String),
}
impl Extension {
@ -18,6 +20,7 @@ impl Extension {
match self {
&Extension::KeyUsage(_) => ExtensionType::KeyUsage,
&Extension::ExtKeyUsage(_) => ExtensionType::ExtKeyUsage,
&Extension::OtherNid(nid,_) => ExtensionType::OtherNid(nid),
}
}
@ -25,6 +28,7 @@ impl Extension {
match self {
&Extension::KeyUsage(_) => Nid::KeyUsage,
&Extension::ExtKeyUsage(_) => Nid::ExtendedKeyUsage,
&Extension::OtherNid(nid,_) => nid,
}
}
}
@ -44,6 +48,7 @@ impl ToString for Extension {
match self {
&Extension::KeyUsage(ref purposes) => join(purposes.iter(),","),
&Extension::ExtKeyUsage(ref purposes) => join(purposes.iter(),","),
&Extension::OtherNid(_,ref value) => value.clone(),
}
}
}

5
openssl/src/x509/tests.rs
View File

@ -5,7 +5,7 @@ use std::fs::File;
use crypto::hash::Type::{SHA256};
use x509::{X509, X509Generator};
use x509::extension::Extension::{KeyUsage,ExtKeyUsage};
use x509::extension::Extension::{KeyUsage,ExtKeyUsage,OtherNid};
use x509::extension::KeyUsageOption::{DigitalSignature, KeyEncipherment};
use x509::extension::ExtKeyUsageOption::{self, ClientAuth, ServerAuth};
use nid::Nid;
@ -18,7 +18,8 @@ fn test_cert_gen() {
.set_CN("test_me")
.set_sign_hash(SHA256)
.add_extension(KeyUsage(vec![DigitalSignature, KeyEncipherment]))
.add_extension(ExtKeyUsage(vec![ClientAuth, ServerAuth, ExtKeyUsageOption::Other("2.999".to_owned())]));
.add_extension(ExtKeyUsage(vec![ClientAuth, ServerAuth, ExtKeyUsageOption::Other("2.999".to_owned())]))
.add_extension(OtherNid(Nid::BasicConstraints,"critical,CA:TRUE".to_owned()));
let (cert, pkey) = gen.generate().unwrap();
cert.write_pem(&mut io::sink()).unwrap();