Unverified Commit 33a610fd authored by Steven Fackler's avatar Steven Fackler Committed by GitHub

Merge pull request #1887 from zh-jq/x509_ext

add more x509 extension helper functions
parents f9964efe c9db15a8
+8 −0
@@ -102,6 +102,14 @@ extern "C" {
    pub fn X509_get_key_usage(x: *mut X509) -> u32;
    #[cfg(ossl110)]
    pub fn X509_get_extended_key_usage(x: *mut X509) -> u32;
    #[cfg(ossl110)]
    pub fn X509_get0_subject_key_id(x: *mut X509) -> *const ASN1_OCTET_STRING;
    #[cfg(ossl110)]
    pub fn X509_get0_authority_key_id(x: *mut X509) -> *const ASN1_OCTET_STRING;
    #[cfg(ossl111)]
    pub fn X509_get0_authority_issuer(x: *mut X509) -> *const stack_st_GENERAL_NAME;
    #[cfg(ossl111)]
    pub fn X509_get0_authority_serial(x: *mut X509) -> *const ASN1_INTEGER;
}

#[repr(C)]
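Review bot: The `#[cfg(ossl111)]` gates on `X509_get0_authority_issuer` and `X509_get0_authority_serial` may be too loose: as far as I recall, these two accessors were added in a 1.1.1 patch release rather than in 1.1.1 itself, so a build against an early 1.1.1 would fail at link time. Please confirm the introducing version against OpenSSL's `util/libcrypto.num` and, if it is a patch release, gate both declarations (and the matching `X509Ref` wrappers and test) on the corresponding patch-level cfg. The same check is worth doing for `X509_get0_authority_key_id` under `ossl110`. The `extern "C"` block starts outside this hunk.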
+40 −0
@@ -483,6 +483,46 @@ impl X509Ref {
        }
    }

    /// Returns this certificate's subject key id, if it exists.
    #[corresponds(X509_get0_subject_key_id)]
    #[cfg(ossl110)]
    pub fn subject_key_id(&self) -> Option<&Asn1OctetStringRef> {
        unsafe {
            let data = ffi::X509_get0_subject_key_id(self.as_ptr());
            Asn1OctetStringRef::from_const_ptr_opt(data)
        }
    }

    /// Returns this certificate's authority key id, if it exists.
    #[corresponds(X509_get0_authority_key_id)]
    #[cfg(ossl110)]
    pub fn authority_key_id(&self) -> Option<&Asn1OctetStringRef> {
        unsafe {
            let data = ffi::X509_get0_authority_key_id(self.as_ptr());
            Asn1OctetStringRef::from_const_ptr_opt(data)
        }
    }

    /// Returns this certificate's authority issuer name entries, if they exist.
    #[corresponds(X509_get0_authority_issuer)]
    #[cfg(ossl111)]
    pub fn authority_issuer(&self) -> Option<&StackRef<GeneralName>> {
        unsafe {
            let stack = ffi::X509_get0_authority_issuer(self.as_ptr());
            StackRef::from_const_ptr_opt(stack)
        }
    }

    /// Returns this certificate's authority serial number, if it exists.
    #[corresponds(X509_get0_authority_serial)]
    #[cfg(ossl111)]
    pub fn authority_serial(&self) -> Option<&Asn1IntegerRef> {
        unsafe {
            let r = ffi::X509_get0_authority_serial(self.as_ptr());
            Asn1IntegerRef::from_const_ptr_opt(r)
        }
    }

    #[corresponds(X509_get_pubkey)]
    pub fn public_key(&self) -> Result<PKey<Public>, ErrorStack> {
        unsafe {
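Review bot: The doc comments on `authority_key_id`, `authority_issuer` and `authority_serial` read as if each were its own extension, but keyIdentifier, authorityCertIssuer and authorityCertSerialNumber are optional fields of the single Authority Key Identifier extension, so `None` from one of them does not mean the extension is absent. The docs should say so, e.g. `/// Returns the key identifier from this certificate's Authority Key Identifier extension, if the extension and that field are present.`, and likewise for issuer and serial. It is also worth documenting that these values are only hints for locating an issuer certificate; a match does not show that the issuer signed this certificate, so callers still need chain verification before any trust decision. Each `unsafe` block would benefit from a `// SAFETY:` line stating that the `get0` pointer is owned by the certificate and that the returned reference borrows from `&self`. The `impl X509Ref` block starts and ends outside this hunk.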
+48 −0
@@ -168,6 +168,54 @@ fn test_subject_alt_name() {
    assert_eq!(Some("http://www.example.com"), subject_alt_names[4].uri());
}

#[test]
#[cfg(ossl110)]
fn test_subject_key_id() {
    let cert = include_bytes!("../../test/certv3.pem");
    let cert = X509::from_pem(cert).unwrap();

    let subject_key_id = cert.subject_key_id().unwrap();
    assert_eq!(
        subject_key_id.as_slice(),
        &b"\xB6\x73\x2F\x61\xA5\x4B\xA1\xEF\x48\x2C\x15\xB1\x9F\xF3\xDC\x34\x2F\xBC\xAC\x30"[..]
    );
}

#[test]
#[cfg(ossl110)]
fn test_authority_key_id() {
    let cert = include_bytes!("../../test/certv3.pem");
    let cert = X509::from_pem(cert).unwrap();

    let authority_key_id = cert.authority_key_id().unwrap();
    assert_eq!(
        authority_key_id.as_slice(),
        &b"\x6C\xD3\xA5\x03\xAB\x0D\x5F\x2C\xC9\x8D\x8A\x9C\x88\xA7\x88\x77\xB8\x37\xFD\x9A"[..]
    );
}

#[test]
#[cfg(ossl111)]
fn test_authority_issuer_and_serial() {
    let cert = include_bytes!("../../test/authority_key_identifier.pem");
    let cert = X509::from_pem(cert).unwrap();

    let authority_issuer = cert.authority_issuer().unwrap();
    assert_eq!(1, authority_issuer.len());
    let dn = authority_issuer[0].directory_name().unwrap();
    let mut o = dn.entries_by_nid(Nid::ORGANIZATIONNAME);
    let o = o.next().unwrap().data().as_utf8().unwrap();
    assert_eq!(o.as_bytes(), b"PyCA");
    let mut cn = dn.entries_by_nid(Nid::COMMONNAME);
    let cn = cn.next().unwrap().data().as_utf8().unwrap();
    assert_eq!(cn.as_bytes(), b"cryptography.io");

    let authority_serial = cert.authority_serial().unwrap();
    let serial = authority_serial.to_bn().unwrap();
    let expected = BigNum::from_u32(3).unwrap();
    assert_eq!(serial, expected);
}

#[test]
fn test_subject_alt_name_iter() {
    let cert = include_bytes!("../../test/alt_name_cert.pem");
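Review bot: The new tests only exercise the case where the field is present, so the null branch of `from_const_ptr_opt` behind each accessor is never run. A negative case on a fixture that lacks the extension would cover it, for example `assert!(cert.subject_key_id().is_none());` against a certificate without a Subject Key Identifier (I can't tell from this page which existing fixture qualifies). In `test_authority_issuer_and_serial` it would also be worth asserting what `cert.authority_key_id()` returns for the same fixture, so the three Authority Key Identifier fields are checked together.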
+19 −0
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----