WIP cert authorities

Pierre HUBERT 2024-06-28 01:34:15 +02:00
parent f4e2bb69b6
commit ffb8cbb6eb


@ -1,6 +1,6 @@
use crate::app_config::AppConfig; use crate::app_config::AppConfig;
use asn1::{ use asn1::{
parse_single, Asn1Readable, Asn1Writable, Implicit, OctetStringEncoded, ParseResult, parse_single, Asn1Readable, Asn1Writable, Explicit, Implicit, OctetStringEncoded, ParseResult,
SimpleAsn1Readable, SimpleAsn1Writable, Tag, WriteBuf, WriteResult, Writer, SimpleAsn1Readable, SimpleAsn1Writable, Tag, WriteBuf, WriteResult, Writer,
}; };
use openssl::asn1::{Asn1Object, Asn1OctetString, Asn1OctetStringRef, Asn1Time}; use openssl::asn1::{Asn1Object, Asn1OctetString, Asn1OctetStringRef, Asn1Time};
@ -47,14 +47,6 @@ fn load_certificate_from_file<P: AsRef<Path>>(path: P) -> anyhow::Result<X509> {
Ok(X509::from_pem(&std::fs::read(path)?)?) Ok(X509::from_pem(&std::fs::read(path)?)?)
} }
struct CustomOctetStringEncoded<T>(OctetStringEncoded<T>);
impl<T: Asn1Writable> SimpleAsn1Writable for CustomOctetStringEncoded<T> {
const TAG: Tag = Tag::primitive(0x86);
fn write_data(&self, dest: &mut WriteBuf) -> WriteResult {
self.0.write(&mut Writer::new(dest))
}
}
/// Generate intermediate or root CA /// Generate intermediate or root CA
fn gen_intermediate_or_root_ca( fn gen_intermediate_or_root_ca(
cn: &str, cn: &str,
@ -96,16 +88,28 @@ fn gen_intermediate_or_root_ca(
"FIXME_TODO" "FIXME_TODO"
); );
let crl_url = "http://crl.identrust.com/DSTROOTCAX3CRL.crl".to_string();
let crl_obj = Asn1Object::from_str("2.5.29.31")?; let crl_obj = Asn1Object::from_str("2.5.29.31")?;
let content: Implicit<CustomOctetStringEncoded<&[u8]>, 0xa0> = asn1::Implicit::new( let TAG_A0 = Tag::from_bytes(&[0xa0]).unwrap().0;
CustomOctetStringEncoded(OctetStringEncoded::new(crl_url.as_bytes())), let TAG_86 = Tag::from_bytes(&[0x86]).unwrap().0;
);
let crl_bytes = asn1::write(|w| { let crl_bytes = asn1::write(|w| {
w.write_element(&asn1::SequenceWriter::new(&|w| { w.write_element(&asn1::SequenceWriter::new(&|w| {
w.write_element(&asn1::SequenceWriter::new(&|w| { w.write_element(&asn1::SequenceWriter::new(&|w| {
w.write_implicit_element(&content, 0xa0)?; w.write_tlv(TAG_A0, |w| {
w.push_slice(&asn1::write(|w| {
w.write_tlv(TAG_A0, |w| {
w.push_slice(&asn1::write(|w| {
w.write_tlv(TAG_86, |b| b.push_slice(crl_url.as_bytes()))?;
Ok(())
})?)
})?;
Ok(())
})?)
})?;
Ok(()) Ok(())
}))?; }))?;
Ok(()) Ok(())