WIP cert authorities

Pierre HUBERT 2024-06-28 01:34:15 +02:00
parent f4e2bb69b6
commit ffb8cbb6eb


@ -1,6 +1,6 @@
use crate::app_config::AppConfig;
use asn1::{
parse_single, Asn1Readable, Asn1Writable, Implicit, OctetStringEncoded, ParseResult,
parse_single, Asn1Readable, Asn1Writable, Explicit, Implicit, OctetStringEncoded, ParseResult,
SimpleAsn1Readable, SimpleAsn1Writable, Tag, WriteBuf, WriteResult, Writer,
};
use openssl::asn1::{Asn1Object, Asn1OctetString, Asn1OctetStringRef, Asn1Time};
@ -47,14 +47,6 @@ fn load_certificate_from_file<P: AsRef<Path>>(path: P) -> anyhow::Result<X509> {
Ok(X509::from_pem(&std::fs::read(path)?)?)
}
struct CustomOctetStringEncoded<T>(OctetStringEncoded<T>);
impl<T: Asn1Writable> SimpleAsn1Writable for CustomOctetStringEncoded<T> {
const TAG: Tag = Tag::primitive(0x86);
fn write_data(&self, dest: &mut WriteBuf) -> WriteResult {
self.0.write(&mut Writer::new(dest))
}
}
/// Generate intermediate or root CA
fn gen_intermediate_or_root_ca(
cn: &str,
@ -96,16 +88,28 @@ fn gen_intermediate_or_root_ca(
"FIXME_TODO"
);
let crl_url = "http://crl.identrust.com/DSTROOTCAX3CRL.crl".to_string();
let crl_obj = Asn1Object::from_str("2.5.29.31")?;
let content: Implicit<CustomOctetStringEncoded<&[u8]>, 0xa0> = asn1::Implicit::new(
CustomOctetStringEncoded(OctetStringEncoded::new(crl_url.as_bytes())),
);
let TAG_A0 = Tag::from_bytes(&[0xa0]).unwrap().0;
let TAG_86 = Tag::from_bytes(&[0x86]).unwrap().0;
let crl_bytes = asn1::write(|w| {
w.write_element(&asn1::SequenceWriter::new(&|w| {
w.write_element(&asn1::SequenceWriter::new(&|w| {
w.write_implicit_element(&content, 0xa0)?;
w.write_tlv(TAG_A0, |w| {
w.push_slice(&asn1::write(|w| {
w.write_tlv(TAG_A0, |w| {
w.push_slice(&asn1::write(|w| {
w.write_tlv(TAG_86, |b| b.push_slice(crl_url.as_bytes()))?;
Ok(())
})?)
})?;
Ok(())
})?)
})?;
Ok(())
}))?;
Ok(())