feat: update x509

2021-05-03 23:18:55 +08:00
parent 02dbc6f63f
commit 6da26e2de9
2 changed files with 28 additions and 5 deletions


@@ -87,6 +87,7 @@ pub struct AcmeConfig {
pub struct CertConfigItem {
pub path: String,
pub algo: Option<String>,
pub common_name: Option<String>,
pub dns_names: Option<Vec<String>>,
}


@@ -6,7 +6,8 @@ use std::str::FromStr;
use rust_util::XResult;
use x509_parser::der_parser::der::parse_der_bitstring;
use x509_parser::der_parser::parse_der;
use x509_parser::x509::AlgorithmIdentifier;
use x509_parser::x509::{AlgorithmIdentifier, SubjectPublicKeyInfo};
use x509_parser::der_parser::ber::BerObjectContent;
lazy_static! {
static ref OID_COMMON_NAME: Oid<'static> = Oid::from_str("2.5.4.3").unwrap();
@@ -14,7 +15,7 @@ lazy_static! {
static ref OID_ECDSA_WITH_SHA256: Oid<'static> = Oid::from_str("1.2.840.10045.4.3.2").unwrap();
static ref OID_EC_PUBLIC_KEY: Oid<'static> = Oid::from_str("1.2.840.10045.2.1").unwrap();
static ref OID_RSA_PUBLIC_KEY: Oid<'static> = Oid::from_str("1.2.840.113549.1.1.11").unwrap();
static ref OID_RSA_PUBLIC_KEY: Oid<'static> = Oid::from_str("1.2.840.113549.1.1.1").unwrap();
static ref OID_SECP256R1: Oid<'static> = Oid::from_str("1.2.840.10045.3.1.7").unwrap();
static ref OID_SECP384R1: Oid<'static> = Oid::from_str("1.3.132.0.34").unwrap();
@@ -41,7 +42,8 @@ pub enum X509PublicKeyAlgo {
}
impl X509PublicKeyAlgo {
pub fn parse<'a>(pem_id: &str, algorithm: &AlgorithmIdentifier<'a>) -> XResult<Self> {
pub fn parse<'a>(pem_id: &str, public_key_info: &SubjectPublicKeyInfo<'a>) -> XResult<Self> {
let algorithm = &public_key_info.algorithm;
let public_key_algo_oid = &algorithm.algorithm;
if public_key_algo_oid == &*OID_EC_PUBLIC_KEY {
let parameters = match &algorithm.parameters {
@@ -60,6 +62,19 @@ impl X509PublicKeyAlgo {
};
Ok(Self::EcKey(ec_public_key_algo))
} else if public_key_algo_oid == &*OID_RSA_PUBLIC_KEY {
// TODO ..
println!(":::-> {:?}", public_key_info.subject_public_key);
let d = parse_der(public_key_info.subject_public_key.data);
println!("{:?}", d);
println!("{:?}", d.as_ref().unwrap().1.content);
if let BerObjectContent::Sequence(seq) = &d.as_ref().unwrap().1.content {
println!("||| {:?}", &seq[0].content);
if let BerObjectContent::Integer(int) = seq[0].content {
println!(">>> {:?}", int);
println!(">>> {:?}", int.len());
println!(">>> {:?}", int.len() * 8);
}
}
Ok(Self::Rsa)
} else {
simple_error!("Parse cert: {}, unknown public key algo oid: {}", pem_id, public_key_algo_oid)
@@ -75,6 +90,13 @@ pub struct X509Certificate {
pub public_key_algo: X509PublicKeyAlgo,
}
#[test]
fn test() {
let p = include_str!("sample_cert.pem");
let c = parse_x500("aa", p);
println!("{:?}", c);
}
pub fn parse_x500(pem_id: &str, pem: &str) -> XResult<X509Certificate> {
let (_, der) = opt_result!(parse_x509_pem(pem.as_bytes()), "Parse pem: {} to der failed: {}", pem_id);
let (_, cert) = opt_result!(parse_x509_certificate(der.contents.as_slice()), "Parse cert: {} failed: {}", pem_id);
@@ -91,7 +113,7 @@ pub fn parse_x500(pem_id: &str, pem: &str) -> XResult<X509Certificate> {
} else if cert_algorithm_oid == &*OID_ECDSA_WITH_SHA256 {
X509IssuerAlgo::EcdsaWithSha256
} else {
return simple_error!("Unknown x509 algorithm oid: {:?}", cert_algorithm_oid);
return simple_error!("Parse pem: {}, unknown x509 algorithm oid: {:?}", pem_id, cert_algorithm_oid);
};
let common_name = match common_name {
None => return simple_error!("Cannot find common name from: {}", pem_id),
@@ -108,7 +130,7 @@ pub fn parse_x500(pem_id: &str, pem: &str) -> XResult<X509Certificate> {
}
}
}
let public_key_algo = X509PublicKeyAlgo::parse(pem_id, &cert.tbs_certificate.subject_pki.algorithm)?;
let public_key_algo = X509PublicKeyAlgo::parse(pem_id, &cert.tbs_certificate.subject_pki)?;
Ok(X509Certificate {
issuer_algo,