Add arbitrary X509 extensions by NID

author: Jethro Beekman <[email protected]> 2015-06-30 22:37:49 -0700
committer: Jethro Beekman <[email protected]> 2015-07-01 00:18:45 -0700
commit: e367567d00cdbd6b12906a424971146f6c3eea28 (patch)
tree: 2372305930aef7413c809220ec49d0d7391aa531 /openssl/src
parent: Add public generic extension interface to X509Generator (diff)
download: rust-openssl-e367567d00cdbd6b12906a424971146f6c3eea28.tar.xz
rust-openssl-e367567d00cdbd6b12906a424971146f6c3eea28.zip
2 files changed, 8 insertions, 2 deletions
diff --git a/openssl/src/x509/extension.rs b/openssl/src/x509/extension.rs
index 66b218ad..4576ad1a 100644
--- a/openssl/src/x509/extension.rs
+++ b/openssl/src/x509/extension.rs
@@ -5,12 +5,14 @@ use nid::Nid;
 pub enum ExtensionType {
 	KeyUsage,
 	ExtKeyUsage,
+	OtherNid(Nid),
 }
 
 #[derive(Clone)]
 pub enum Extension {
 	KeyUsage(Vec<KeyUsageOption>),
 	ExtKeyUsage(Vec<ExtKeyUsageOption>),
+	OtherNid(Nid,String),
 }
 
 impl Extension {
@@ -18,6 +20,7 @@ impl Extension {
 		match self {
 			&Extension::KeyUsage(_) => ExtensionType::KeyUsage,
 			&Extension::ExtKeyUsage(_) => ExtensionType::ExtKeyUsage,
+			&Extension::OtherNid(nid,_) => ExtensionType::OtherNid(nid),
 		}
 	}
 
@@ -25,6 +28,7 @@ impl Extension {
 		match self {
 			&Extension::KeyUsage(_) => Nid::KeyUsage,
 			&Extension::ExtKeyUsage(_) => Nid::ExtendedKeyUsage,
+			&Extension::OtherNid(nid,_) => nid,
 		}
 	}
 }
@@ -44,6 +48,7 @@ impl ToString for Extension {
 		match self {
 			&Extension::KeyUsage(ref purposes) => join(purposes.iter(),","),
 			&Extension::ExtKeyUsage(ref purposes) => join(purposes.iter(),","),
+			&Extension::OtherNid(_,ref value) => value.clone(),
 		}
     }
 }
diff --git a/openssl/src/x509/tests.rs b/openssl/src/x509/tests.rs
index 806bc671..0061453c 100644
--- a/openssl/src/x509/tests.rs
+++ b/openssl/src/x509/tests.rs
@@ -5,7 +5,7 @@ use std::fs::File;
 
 use crypto::hash::Type::{SHA256};
 use x509::{X509, X509Generator};
-use x509::extension::Extension::{KeyUsage,ExtKeyUsage};
+use x509::extension::Extension::{KeyUsage,ExtKeyUsage,OtherNid};
 use x509::extension::KeyUsageOption::{DigitalSignature, KeyEncipherment};
 use x509::extension::ExtKeyUsageOption::{self, ClientAuth, ServerAuth};
 use nid::Nid;
@@ -18,7 +18,8 @@ fn test_cert_gen() {
         .set_CN("test_me")
         .set_sign_hash(SHA256)
         .add_extension(KeyUsage(vec![DigitalSignature, KeyEncipherment]))
-        .add_extension(ExtKeyUsage(vec![ClientAuth, ServerAuth, ExtKeyUsageOption::Other("2.999".to_owned())]));
+        .add_extension(ExtKeyUsage(vec![ClientAuth, ServerAuth, ExtKeyUsageOption::Other("2.999".to_owned())]))
+        .add_extension(OtherNid(Nid::BasicConstraints,"critical,CA:TRUE".to_owned()));
 
     let (cert, pkey) = gen.generate().unwrap();
     cert.write_pem(&mut io::sink()).unwrap();
author	Jethro Beekman <[email protected]>	2015-06-30 22:37:49 -0700
committer	Jethro Beekman <[email protected]>	2015-07-01 00:18:45 -0700
commit	e367567d00cdbd6b12906a424971146f6c3eea28 (patch)
tree	2372305930aef7413c809220ec49d0d7391aa531 /openssl/src
parent	Add public generic extension interface to X509Generator (diff)
download	rust-openssl-e367567d00cdbd6b12906a424971146f6c3eea28.tar.xz rust-openssl-e367567d00cdbd6b12906a424971146f6c3eea28.zip