Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

lib: use ext helper in more places, test custom exts. #154

Merged
merged 4 commits into from
Sep 11, 2023
Merged

lib: use ext helper in more places, test custom exts. #154

merged 4 commits into from
Sep 11, 2023

Commits on Sep 10, 2023

  1. tests: add x509-parser test for custom exts 

    Previously there was no test coverage for custom extensions in
certificates or CSRs. This commit adds a simple example of encoding
a custom extension, and then demonstrating that it can be parsed with
`x509-parser`, both in a serialized certificate and in a CSR.

There's no support in webpki, openssl-rs or botan-rs for handling custom
extensions so no test coverage for those libraries is possible at this
time.
    @cpu
    cpu committed Sep 10, 2023
    Configuration menu
    Copy the full SHA
    007a2d6 View commit details
    Browse the repository at this point in the history

  2. lib: write key usage ext w/ helper.

    @cpu
    cpu committed Sep 10, 2023
    Configuration menu
    Copy the full SHA
    0604d2c View commit details
    Browse the repository at this point in the history

  3. lib: write custom exts w/ helper

    @cpu
    cpu committed Sep 10, 2023
    Configuration menu
    Copy the full SHA
    401e950 View commit details
    Browse the repository at this point in the history

  4. lib: fix custom exts for CSR w/o SANs. 

    Previously when writing CSR DER from `CertificateParams` that specified
custom extensions, but did not specify any SANs, the serialization code
would skip over writing the PKCS9 extension request attribute.

This commit updates the serialization logic to ensure the attribute is
written when either SANs are provided, or custom extensions are present.

Prior to this update, the modified `test_x509_custom_ext` test fails,
reproducing the problem reported in the issue tracker:

```
'test_x509_custom_ext::custom_ext' panicked at 'missing requested extensions'
```

With the update, it passes again.
    @cpu
    cpu committed Sep 10, 2023
    Configuration menu
    Copy the full SHA
    646e8fc View commit details
    Browse the repository at this point in the history