diff --git a/src/config.rs b/src/config.rs
index e43fd2e..acab166 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -87,6 +87,7 @@ pub struct AcmeConfig {
 pub struct CertConfigItem {
 pub path: String,
 pub algo: Option,
+ pub common_name: Option,
 pub dns_names: Option>,
 }
diff --git a/src/x509.rs b/src/x509.rs
index dee722a..8bb8381 100644
--- a/src/x509.rs
+++ b/src/x509.rs
@@ -6,7 +6,8 @@ use std::str::FromStr;
 use rust_util::XResult;
 use x509_parser::der_parser::der::parse_der_bitstring;
 use x509_parser::der_parser::parse_der;
-use x509_parser::x509::AlgorithmIdentifier;
+use x509_parser::x509::{AlgorithmIdentifier, SubjectPublicKeyInfo};
+use x509_parser::der_parser::ber::BerObjectContent;
 lazy_static! {
 static ref OID_COMMON_NAME: Oid<'static> = Oid::from_str("2.5.4.3").unwrap();
@@ -14,7 +15,7 @@ lazy_static! {
 static ref OID_ECDSA_WITH_SHA256: Oid<'static> = Oid::from_str("1.2.840.10045.4.3.2").unwrap();
 static ref OID_EC_PUBLIC_KEY: Oid<'static> = Oid::from_str("1.2.840.10045.2.1").unwrap();
- static ref OID_RSA_PUBLIC_KEY: Oid<'static> = Oid::from_str("1.2.840.113549.1.1.11").unwrap();
+ static ref OID_RSA_PUBLIC_KEY: Oid<'static> = Oid::from_str("1.2.840.113549.1.1.1").unwrap();
 static ref OID_SECP256R1: Oid<'static> = Oid::from_str("1.2.840.10045.3.1.7").unwrap();
 static ref OID_SECP384R1: Oid<'static> = Oid::from_str("1.3.132.0.34").unwrap();
@@ -41,7 +42,8 @@ pub enum X509PublicKeyAlgo {
 }
 impl X509PublicKeyAlgo {
- pub fn parse<'a>(pem_id: &str, algorithm: &AlgorithmIdentifier<'a>) -> XResult {
+ pub fn parse<'a>(pem_id: &str, public_key_info: &SubjectPublicKeyInfo<'a>) -> XResult {
+ let algorithm = &public_key_info.algorithm;
 let public_key_algo_oid = &algorithm.algorithm;
 if public_key_algo_oid == &*OID_EC_PUBLIC_KEY {
 let parameters = match &algorithm.parameters {
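Review bot: The corrected `OID_RSA_PUBLIC_KEY` value deserves a comment at its declaration, because the two OIDs differ by one trailing digit and the old value (`1.2.840.113549.1.1.11`, sha256WithRSAEncryption) is a signature algorithm that never appears as an SPKI algorithm, so RSA certificates presumably fell through to the "unknown public key algo oid" error in `parse`. Suggested: `// rsaEncryption (PKCS #1 / RFC 8017): the SubjectPublicKeyInfo algorithm OID for RSA keys. Not to be confused with 1.2.840.113549.1.1.11 (sha256WithRSAEncryption), a signature-algorithm OID.` A unit test that feeds `X509PublicKeyAlgo::parse` an RSA SubjectPublicKeyInfo and expects `Self::Rsa` would keep this constant from regressing; the `lazy_static!` block it sits in starts and ends outside the hunk.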
@@ -60,6 +62,19 @@ impl X509PublicKeyAlgo {
 };
 Ok(Self::EcKey(ec_public_key_algo))
 } else if public_key_algo_oid == &*OID_RSA_PUBLIC_KEY {
+ // TODO ..
+ println!(":::-> {:?}", public_key_info.subject_public_key);
+ let d = parse_der(public_key_info.subject_public_key.data);
+ println!("{:?}", d);
+ println!("{:?}", d.as_ref().unwrap().1.content);
+ if let BerObjectContent::Sequence(seq) = &d.as_ref().unwrap().1.content {
+ println!("||| {:?}", &seq[0].content);
+ if let BerObjectContent::Integer(int) = seq[0].content {
+ println!(">>> {:?}", int);
+ println!(">>> {:?}", int.len());
+ println!(">>> {:?}", int.len() * 8);
+ }
+ }
 Ok(Self::Rsa)
 } else {
 simple_error!("Parse cert: {}, unknown public key algo oid: {}", pem_id, public_key_algo_oid)
@@ -75,6 +90,13 @@ pub struct X509Certificate {
 pub public_key_algo: X509PublicKeyAlgo,
 }
+#[test]
+fn test() {
+ let p = include_str!("sample_cert.pem");
+ let c = parse_x500("aa", p);
+ println!("{:?}", c);
+}
+
 pub fn parse_x500(pem_id: &str, pem: &str) -> XResult {
 let (_, der) = opt_result!(parse_x509_pem(pem.as_bytes()), "Parse pem: {} to der failed: {}", pem_id);
 let (_, cert) = opt_result!(parse_x509_certificate(der.contents.as_slice()), "Parse cert: {} failed: {}", pem_id);
@@ -91,7 +113,7 @@ pub fn parse_x500(pem_id: &str, pem: &str) -> XResult {
 } else if cert_algorithm_oid == &*OID_ECDSA_WITH_SHA256 {
 X509IssuerAlgo::EcdsaWithSha256
 } else {
- return simple_error!("Unknown x509 algorithm oid: {:?}", cert_algorithm_oid);
+ return simple_error!("Parse pem: {}, unknown x509 algorithm oid: {:?}", pem_id, cert_algorithm_oid);
 };
 let common_name = match common_name {
 None => return simple_error!("Cannot find common name from: {}", pem_id),
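Review bot: The new RSA branch panics on malformed input: `d.as_ref().unwrap()` (used twice) aborts when the subject public key is not valid DER, and `seq[0]` indexes an empty SEQUENCE without a check, so a corrupt or crafted certificate handed to `parse_x500` takes the process down instead of returning an error the way the `opt_result!` sites in the same file do. The unconditional `println!` calls also dump the whole DER structure to stdout on every parse and should not survive the `// TODO ..`. `int.len() * 8` is not the modulus width either: a DER INTEGER is two's-complement, so a positive modulus with its top bit set carries a leading 0x00 byte and a 2048-bit key reports as 2056. The sketch below returns an error instead of panicking and counts significant bits; it assumes `BerObjectContent::Integer` wraps a byte slice, as the `int.len()` call suggests, and the computed width stays unused until `Self::Rsa` carries it. `parse` begins in the previous hunk and ends after this one.
```rust
} else if public_key_algo_oid == &*OID_RSA_PUBLIC_KEY {
    // RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER } (PKCS #1)
    let (_, rsa_key) = opt_result!(parse_der(public_key_info.subject_public_key.data),
        "Parse cert: {}, RSA public key is not valid DER: {}", pem_id);
    let modulus = match &rsa_key.content {
        BerObjectContent::Sequence(seq) => match seq.first().map(|m| &m.content) {
            Some(BerObjectContent::Integer(modulus)) => *modulus,
            _ => return simple_error!("Parse cert: {}, RSA public key has no modulus", pem_id),
        },
        _ => return simple_error!("Parse cert: {}, RSA public key is not a SEQUENCE", pem_id),
    };
    // DER INTEGER is two's-complement: a positive modulus with its top bit set carries a
    // leading 0x00 byte, so `len() * 8` over-reports (a 2048-bit modulus encodes as 257 bytes).
    let significant = modulus.iter().skip_while(|&&b| b == 0);
    let modulus_bits = significant.clone().count() * 8
        - significant.clone().next().map_or(0, |b| b.leading_zeros() as usize);
    // … unchanged: Ok(Self::Rsa) — modulus_bits is unused until the variant carries it …
```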
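Review bot: `test` only prints the parse result, so it passes whether `parse_x500` succeeds or fails on the sample; assert on it instead, e.g. `let c = parse_x500("aa", p).expect("sample cert parses");` followed by `assert!(matches!(c.public_key_algo, X509PublicKeyAlgo::Rsa));` (or the `EcKey` variant, whichever the sample actually uses), and the `println!` can then go. Because the fixture is pulled in with `include_str!("sample_cert.pem")`, it has to live under `src/` next to the code and be committed with this change; the diff does not show it, so confirm it is included, and a `tests/` or `testdata/` location would keep it out of the library source tree. A descriptive name such as `parses_sample_cert` is also preferable to `test`.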
@@ -108,7 +130,7 @@ pub fn parse_x500(pem_id: &str, pem: &str) -> XResult {
 }
 }
 }
- let public_key_algo = X509PublicKeyAlgo::parse(pem_id, &cert.tbs_certificate.subject_pki.algorithm)?;
+ let public_key_algo = X509PublicKeyAlgo::parse(pem_id, &cert.tbs_certificate.subject_pki)?;
 Ok(X509Certificate {
 issuer_algo,