From ffb8cbb6ebf15b1da2c62a9c682532f22ec7e87e Mon Sep 17 00:00:00 2001
From: Pierre HUBERT <pierre.git@communiquons.org>
Date: Fri, 28 Jun 2024 01:34:15 +0200
Subject: [PATCH] WIP cert authorities

---
 central_backend/src/pki.rs | 30 +++++++++++++++++-------------
 1 file changed, 17 insertions(+), 13 deletions(-)

diff --git a/central_backend/src/pki.rs b/central_backend/src/pki.rs
index b92418c..25025c8 100644
--- a/central_backend/src/pki.rs
+++ b/central_backend/src/pki.rs
@@ -1,6 +1,6 @@
 use crate::app_config::AppConfig;
 use asn1::{
-    parse_single, Asn1Readable, Asn1Writable, Implicit, OctetStringEncoded, ParseResult,
+    parse_single, Asn1Readable, Asn1Writable, Explicit, Implicit, OctetStringEncoded, ParseResult,
     SimpleAsn1Readable, SimpleAsn1Writable, Tag, WriteBuf, WriteResult, Writer,
 };
 use openssl::asn1::{Asn1Object, Asn1OctetString, Asn1OctetStringRef, Asn1Time};
@@ -47,14 +47,6 @@ fn load_certificate_from_file<P: AsRef<Path>>(path: P) -> anyhow::Result<X509> {
     Ok(X509::from_pem(&std::fs::read(path)?)?)
 }
 
-struct CustomOctetStringEncoded<T>(OctetStringEncoded<T>);
-impl<T: Asn1Writable> SimpleAsn1Writable for CustomOctetStringEncoded<T> {
-    const TAG: Tag = Tag::primitive(0x86);
-    fn write_data(&self, dest: &mut WriteBuf) -> WriteResult {
-        self.0.write(&mut Writer::new(dest))
-    }
-}
-
 /// Generate intermediate or root CA
 fn gen_intermediate_or_root_ca(
     cn: &str,
@@ -96,16 +88,28 @@ fn gen_intermediate_or_root_ca(
             "FIXME_TODO"
         );
 
+        let crl_url = "http://crl.identrust.com/DSTROOTCAX3CRL.crl".to_string();
+
         let crl_obj = Asn1Object::from_str("2.5.29.31")?;
 
-        let content: Implicit<CustomOctetStringEncoded<&[u8]>, 0xa0> = asn1::Implicit::new(
-            CustomOctetStringEncoded(OctetStringEncoded::new(crl_url.as_bytes())),
-        );
+        let TAG_A0 = Tag::from_bytes(&[0xa0]).unwrap().0;
+        let TAG_86 = Tag::from_bytes(&[0x86]).unwrap().0;
 
         let crl_bytes = asn1::write(|w| {
             w.write_element(&asn1::SequenceWriter::new(&|w| {
                 w.write_element(&asn1::SequenceWriter::new(&|w| {
-                    w.write_implicit_element(&content, 0xa0)?;
+                    w.write_tlv(TAG_A0, |w| {
+                        w.push_slice(&asn1::write(|w| {
+                            w.write_tlv(TAG_A0, |w| {
+                                w.push_slice(&asn1::write(|w| {
+                                    w.write_tlv(TAG_86, |b| b.push_slice(crl_url.as_bytes()))?;
+                                    Ok(())
+                                })?)
+                            })?;
+
+                            Ok(())
+                        })?)
+                    })?;
                     Ok(())
                 }))?;
                 Ok(())