est-ca 0.1.0 - Docs.rs

//! PKCS#7 / CMS helpers for EST's on-the-wire encoding.
//!
//! EST returns issued certs as a **CMS `SignedData` with no signers, no
//! content, and the cert chain in the `certificates` set** — what the
//! standard calls a "degenerate certs-only" message (RFC 5652 §5.1).
//! The body is then base64-encoded (per RFC 7030 §4.1.3) for HTTP transport.

use ::cms::cert::CertificateChoices;
use ::cms::content_info::{CmsVersion, ContentInfo};
use ::cms::signed_data::{
    CertificateSet, EncapsulatedContentInfo, SignedData, SignerInfos,
};
use const_oid::db::rfc5911::{ID_DATA, ID_SIGNED_DATA};
use der::asn1::SetOfVec;
use der::{Decode, Encode};
use x509_cert::Certificate;

use crate::error::{Error, Result};

/// Encode one or more certificates as a PKCS#7 degenerate certs-only
/// CMS `SignedData` blob (DER bytes).
///
/// The output matches what RFC 7030 §4.1.3 (`simpleenroll` response) and
/// §4.1.1 (`cacerts` response) require before base64 transport encoding.
pub fn encode_degenerate(certs_der: &[Vec<u8>]) -> Result<Vec<u8>> {
    if certs_der.is_empty() {
        return Err(Error::Cms("encode_degenerate: empty cert list".into()));
    }

    let mut choices: Vec<CertificateChoices> = Vec::with_capacity(certs_der.len());
    for bytes in certs_der {
        let cert = Certificate::from_der(bytes)
            .map_err(|e| Error::Cms(format!("parse cert before wrap: {e}")))?;
        choices.push(CertificateChoices::Certificate(cert));
    }
    let set = SetOfVec::try_from(choices)
        .map_err(|e| Error::Cms(format!("build certificate set: {e}")))?;

    let signed = SignedData {
        version: CmsVersion::V1,
        digest_algorithms: Default::default(),
        encap_content_info: EncapsulatedContentInfo {
            econtent_type: ID_DATA,
            econtent: None,
        },
        certificates: Some(CertificateSet(set)),
        crls: None,
        signer_infos: SignerInfos(Default::default()),
    };

    let content = der::Any::encode_from(&signed)
        .map_err(|e| Error::Cms(format!("encode SignedData: {e}")))?;
    let info = ContentInfo { content_type: ID_SIGNED_DATA, content };
    info.to_der().map_err(|e| Error::Cms(format!("encode ContentInfo: {e}")))
}

/// Extract the issued leaf certificate (DER bytes) from an EST
/// `simpleenroll` response body — a base64 or raw DER encoded PKCS#7
/// degenerate certs-only CMS.
///
/// Returns the **first** certificate in the bundle, which EST servers
/// MUST place the issued leaf into (RFC 7030 §4.2.3).
pub fn decode_degenerate_first(body_der: &[u8]) -> Result<Vec<u8>> {
    let info = ContentInfo::from_der(body_der)
        .map_err(|e| Error::Cms(format!("parse ContentInfo: {e}")))?;
    if info.content_type != ID_SIGNED_DATA {
        return Err(Error::Cms(format!(
            "expected SignedData OID, got {}",
            info.content_type
        )));
    }
    let signed: SignedData = info
        .content
        .decode_as()
        .map_err(|e| Error::Cms(format!("decode SignedData: {e}")))?;
    let set = signed
        .certificates
        .ok_or_else(|| Error::Cms("SignedData has no certificates".into()))?;
    let first = set.0.iter().next().ok_or_else(|| Error::Cms("empty certificate set".into()))?;
    match first {
        CertificateChoices::Certificate(c) => c
            .to_der()
            .map_err(|e| Error::Cms(format!("re-encode leaf cert: {e}"))),
        _ => Err(Error::Cms("first certificate choice is not a plain X.509 cert".into())),
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[cfg(feature = "ca")]
    #[test]
    fn roundtrip_degenerate_single_cert() {
        // Generate a cheap self-signed cert via rcgen to round-trip.
        let params = rcgen::CertificateParams::new(vec!["test-roundtrip".into()]).unwrap();
        let key = rcgen::KeyPair::generate().unwrap();
        let cert = params.self_signed(&key).unwrap();
        let der = cert.der().to_vec();

        let wrapped = encode_degenerate(&[der.clone()]).unwrap();
        let unwrapped = decode_degenerate_first(&wrapped).unwrap();
        assert_eq!(unwrapped, der, "first cert should round-trip byte-for-byte");
    }
}