From c1232f30356d0241f8fc8f128f100f0d78609029 Mon Sep 17 00:00:00 2001
From: Jethro Beekman <jethro@jbeekman.nl>
Date: Thu, 28 May 2015 00:21:21 -0700
Subject: Implement limited X509_REQ functionality

---
 openssl/src/x509/mod.rs | 58 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)

(limited to 'openssl/src')

diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs
index 4096f690..d8d082fb 100644
--- a/openssl/src/x509/mod.rs
+++ b/openssl/src/x509/mod.rs
@@ -391,6 +391,20 @@ impl X509Generator {
             Ok(x509)
         }
     }
+
+    /// Obtain a certificate signing request (CSR)
+    pub fn request(&self, p_key: &PKey) -> Result<X509Req, SslError> {
+        let cert=match self.sign(p_key) {
+            Ok(c) => c,
+            Err(x) => return Err(x)
+        };
+
+        let hash_fn = self.hash_type.evp_md();
+        let req = unsafe { ffi::X509_to_X509_REQ(cert.handle, p_key.get_handle(), hash_fn) };
+        try_ssl_null!(req);
+
+        Ok(X509Req::new(req))
+    }
 }
 
 
@@ -538,6 +552,50 @@ impl <'x> X509Name<'x> {
     }
 }
 
+#[allow(dead_code)]
+/// A certificate signing request
+pub struct X509Req {
+    handle: *mut ffi::X509_REQ,
+}
+
+impl X509Req {
+    /// Creates new from handle
+    pub fn new(handle: *mut ffi::X509_REQ) -> X509Req {
+        X509Req {
+            handle: handle,
+        }
+    }
+
+    /// Reads CSR from PEM
+    pub fn from_pem<R>(reader: &mut R) -> Result<X509Req, SslError> where R: Read {
+        let mut mem_bio = try!(MemBio::new());
+        try!(io::copy(reader, &mut mem_bio).map_err(StreamError));
+
+        unsafe {
+            let handle = try_ssl_null!(ffi::PEM_read_bio_X509_REQ(mem_bio.get_handle(),
+                                                              ptr::null_mut(),
+                                                              None, ptr::null_mut()));
+            Ok(X509Req::new(handle))
+        }
+    }
+
+    /// Writes CSR as PEM
+    pub fn write_pem<W>(&self, writer: &mut W) -> Result<(), SslError> where W: Write {
+        let mut mem_bio = try!(MemBio::new());
+        unsafe {
+            try_ssl!(ffi::PEM_write_bio_X509_REQ(mem_bio.get_handle(),
+                                             self.handle));
+        }
+        io::copy(&mut mem_bio, writer).map_err(StreamError).map(|_| ())
+    }
+}
+
+impl Drop for X509Req {
+    fn drop(&mut self) {
+        unsafe { ffi::X509_REQ_free(self.handle) };
+    }
+}
+
 macro_rules! make_validation_error(
     ($ok_val:ident, $($name:ident = $val:ident,)+) => (
         #[derive(Copy, Clone)]
-- 
cgit v1.2.3


From ed6f7997a2e1fbfea291069c05b3e45b9c770758 Mon Sep 17 00:00:00 2001
From: Jethro Beekman <jethro@jbeekman.nl>
Date: Thu, 28 May 2015 20:47:53 -0700
Subject: Remove superfluous dead_code attribute

---
 openssl/src/x509/mod.rs | 1 -
 1 file changed, 1 deletion(-)

(limited to 'openssl/src')

diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs
index d8d082fb..7c08d89e 100644
--- a/openssl/src/x509/mod.rs
+++ b/openssl/src/x509/mod.rs
@@ -552,7 +552,6 @@ impl <'x> X509Name<'x> {
     }
 }
 
-#[allow(dead_code)]
 /// A certificate signing request
 pub struct X509Req {
     handle: *mut ffi::X509_REQ,
-- 
cgit v1.2.3