openssl/src/x509/mod.rs +46 −6 @@ -145,7 +145,7 @@ pub use self::extension::ExtKeyUsageOption as ExtKeyUsage; pub struct X509Generator { bits: u32, days: u32, CN: String, names: Vec<(String,String)>, // RFC 3280 §4.2: A certificate MUST NOT include more than one instance of a particular extension. extensions: HashMap<ExtensionType,Extension>, hash_type: HashType, @@ -165,7 +165,7 @@ impl X509Generator { X509Generator { bits: 1024, days: 365, CN: "rust-openssl".to_string(), names: vec![], extensions: HashMap::new(), hash_type: HashType::SHA1 } @@ -184,9 +184,41 @@ impl X509Generator { } #[allow(non_snake_case)] /// Sets Common Name of certificate /// (deprecated) Sets Common Name of certificate /// /// This function is deprecated, use `X509Generator.add_name` instead. /// Don't use this function AND the `add_name` method pub fn set_CN(mut self, CN: &str) -> X509Generator { self.CN = CN.to_string(); match self.names.get_mut(0) { Some(&mut(_,ref mut val)) => *val=CN.to_string(), _ => {} /* would move push here, but borrow checker won't let me */ } if self.names.len()==0 { self.names.push(("CN".to_string(),CN.to_string())); } self } /// Add attribute to the name of the certificate /// /// ``` /// # let generator = openssl::x509::X509Generator::new(); /// generator.add_name("CN".to_string(),"example.com".to_string()); /// ``` pub fn add_name(mut self, attr_type: String, attr_value: String) -> X509Generator { self.names.push((attr_type,attr_value)); self } /// Add multiple attributes to the name of the certificate /// /// ``` /// # let generator = openssl::x509::X509Generator::new(); /// generator.add_names(vec![("CN".to_string(),"example.com".to_string())]); /// ``` pub fn add_names<I>(mut self, attrs: I) -> X509Generator where I: IntoIterator<Item=(String,String)> { self.names.extend(attrs); self }
@@ -267,7 +299,7 @@ impl X509Generator { } } fn add_name(name: *mut ffi::X509_NAME, key: &str, value: &str) -> Result<(), SslError> { fn add_name_internal(name: *mut ffi::X509_NAME, key: &str, value: &str) -> Result<(), SslError> { let value_len = value.len() as c_int; lift_ssl!(unsafe { let key = CString::new(key.as_bytes()).unwrap(); @@ -333,7 +365,15 @@ impl X509Generator { let name = ffi::X509_get_subject_name(x509.handle); try_ssl_null!(name); try!(X509Generator::add_name(name, "CN", &self.CN)); let default=[("CN","rust-openssl")]; let default_iter=&mut default.iter().map(|&(k,v)|(k,v)); let arg_iter=&mut self.names.iter().map(|&(ref k,ref v)|(&k[..],&v[..])); let iter: &mut Iterator<Item=(&str,&str)> = if self.names.len()==0 { default_iter } else { arg_iter }; for (key,val) in iter { try!(X509Generator::add_name_internal(name, &key, &val)); } ffi::X509_set_issuer_name(x509.handle, name); for (exttype,ext) in self.extensions.iter() { openssl/src/x509/tests.rs +1 −1 @@ -16,7 +16,7 @@ fn test_cert_gen() { let gen = X509Generator::new() .set_bitlength(2048) .set_valid_period(365*2) .set_CN("test_me") .add_name("CN".to_string(),"test_me".to_string()) .set_sign_hash(SHA256) .add_extension(KeyUsage(vec![DigitalSignature, KeyEncipherment])) .add_extension(ExtKeyUsage(vec![ClientAuth, ServerAuth, ExtKeyUsageOption::Other("2.999.1".to_owned())]))
openssl/src/x509/mod.rs +46 −6 @@ -145,7 +145,7 @@ pub use self::extension::ExtKeyUsageOption as ExtKeyUsage; pub struct X509Generator { bits: u32, days: u32, CN: String, names: Vec<(String,String)>, // RFC 3280 §4.2: A certificate MUST NOT include more than one instance of a particular extension. extensions: HashMap<ExtensionType,Extension>, hash_type: HashType, @@ -165,7 +165,7 @@ impl X509Generator { X509Generator { bits: 1024, days: 365, CN: "rust-openssl".to_string(), names: vec![], extensions: HashMap::new(), hash_type: HashType::SHA1 } @@ -184,9 +184,41 @@ impl X509Generator { } #[allow(non_snake_case)] /// Sets Common Name of certificate /// (deprecated) Sets Common Name of certificate /// /// This function is deprecated, use `X509Generator.add_name` instead. /// Don't use this function AND the `add_name` method pub fn set_CN(mut self, CN: &str) -> X509Generator { self.CN = CN.to_string(); match self.names.get_mut(0) { Some(&mut(_,ref mut val)) => *val=CN.to_string(), _ => {} /* would move push here, but borrow checker won't let me */ } if self.names.len()==0 { self.names.push(("CN".to_string(),CN.to_string())); } self } /// Add attribute to the name of the certificate /// /// ``` /// # let generator = openssl::x509::X509Generator::new(); /// generator.add_name("CN".to_string(),"example.com".to_string()); /// ``` pub fn add_name(mut self, attr_type: String, attr_value: String) -> X509Generator { self.names.push((attr_type,attr_value)); self } /// Add multiple attributes to the name of the certificate /// /// ``` /// # let generator = openssl::x509::X509Generator::new(); /// generator.add_names(vec![("CN".to_string(),"example.com".to_string())]); /// ``` pub fn add_names<I>(mut self, attrs: I) -> X509Generator where I: IntoIterator<Item=(String,String)> { self.names.extend(attrs); self }
@@ -267,7 +299,7 @@ impl X509Generator { } } fn add_name(name: *mut ffi::X509_NAME, key: &str, value: &str) -> Result<(), SslError> { fn add_name_internal(name: *mut ffi::X509_NAME, key: &str, value: &str) -> Result<(), SslError> { let value_len = value.len() as c_int; lift_ssl!(unsafe { let key = CString::new(key.as_bytes()).unwrap(); @@ -333,7 +365,15 @@ impl X509Generator { let name = ffi::X509_get_subject_name(x509.handle); try_ssl_null!(name); try!(X509Generator::add_name(name, "CN", &self.CN)); let default=[("CN","rust-openssl")]; let default_iter=&mut default.iter().map(|&(k,v)|(k,v)); let arg_iter=&mut self.names.iter().map(|&(ref k,ref v)|(&k[..],&v[..])); let iter: &mut Iterator<Item=(&str,&str)> = if self.names.len()==0 { default_iter } else { arg_iter }; for (key,val) in iter { try!(X509Generator::add_name_internal(name, &key, &val)); } ffi::X509_set_issuer_name(x509.handle, name); for (exttype,ext) in self.extensions.iter() {
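Review bot: In `set_CN`, the new `match self.names.get_mut(0)` overwrites the value of whichever entry happens to be first in `names` without checking that its attribute type is `CN`, so a builder that called `add_name` with another attribute first and then `set_CN` ends up with that attribute's value replaced and no common name in the subject, with no error. Looking the entry up by key fixes that and also sidesteps the borrow problem the inline comment mentions: `match self.names.iter().position(|&(ref k, _)| &k[..] == "CN") { Some(i) => self.names[i].1 = CN.to_string(), None => self.names.push(("CN".to_string(), CN.to_string())) }`. Separately, the attribute type reaching `add_name_internal` is now caller-supplied rather than the constant `"CN"`, yet the context line `CString::new(key.as_bytes()).unwrap()` still panics on an interior NUL byte; mapping that failure to an `SslError` would keep bad input from aborting certificate generation. The body of `add_name_internal` continues outside the hunk, so how the value bytes are validated is not visible here.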
openssl/src/x509/tests.rs +1 −1 @@ -16,7 +16,7 @@ fn test_cert_gen() { let gen = X509Generator::new() .set_bitlength(2048) .set_valid_period(365*2) .set_CN("test_me") .add_name("CN".to_string(),"test_me".to_string()) .set_sign_hash(SHA256) .add_extension(KeyUsage(vec![DigitalSignature, KeyEncipherment])) .add_extension(ExtKeyUsage(vec![ClientAuth, ServerAuth, ExtKeyUsageOption::Other("2.999.1".to_owned())]))