#![doc = include_str!("../README.md")]
#![cfg_attr(not(test), no_std)]
extern crate alloc;
pub mod attribute_certificate;
pub mod est;
use rasn::{types::*, Decode, Encode};
pub type InvalidityDate = GeneralizedTime;
pub type CertificateIssuer = GeneralNames;
pub type CrlNumber = Integer;
pub type BaseCrlNumber = CrlNumber;
pub type SubjectInfoAccessSyntax = SequenceOf<AccessDescription>;
pub type AuthorityInfoAccessSyntax = SequenceOf<AccessDescription>;
pub type FreshestCrl = CrlDistributionPoints;
pub type InhibitAnyPolicy = CrlDistributionPoints;
pub type KeyPurposeId = ObjectIdentifier;
pub type ExtKeyUsageSyntax = SequenceOf<KeyPurposeId>;
pub type ReasonFlags = BitString;
pub type SkipCerts = Integer;
pub type BaseDistance = Integer;
pub type CrlDistributionPoints = SequenceOf<DistributionPoint>;
pub type GeneralSubtrees = SequenceOf<GeneralSubtree>;
pub type SubjectDirectoryAttributes = SequenceOf<Attribute>;
pub type GeneralNames = SequenceOf<GeneralName>;
pub type SubjectAltName = GeneralNames;
pub type PolicyMappings = SequenceOf<PolicyMapping>;
pub type CpsUri = Ia5String;
pub type CertPolicyId = ObjectIdentifier;
pub type CertificatePolicies = SequenceOf<PolicyInformation>;
pub type KeyUsage = BitString;
pub type AttributeType = ObjectIdentifier;
pub type AttributeValue = Any;
pub type RdnSequence = SequenceOf<RelativeDistinguishedName>;
pub type X520DnQualifier = PrintableString;
pub type DomainComponent = Ia5String;
pub type EmailAddress = Ia5String;
pub type CertificateSerialNumber = Integer;
pub type UniqueIdentifier = BitString;
pub type NetworkAddress = X121Address;
pub type X121Address = NumericString;
pub type TerminalIdentifier = PrintableString;
pub type OrganisationName = PrintableString;
pub type NumericUserIdentifier = NumericString;
pub type TerminalType = u8;
pub type KeyIdentifier = OctetString;
pub type SubjectKeyIdentifier = KeyIdentifier;
pub type PolicyQualifierId = ObjectIdentifier;
pub type TrustAnchorTitle = Utf8String;
pub type TrustAnchorInfoVersion = Integer;
pub type TrustAnchorList = SequenceOf<TrustAnchorChoice>;
pub type CertPolicyFlags = BitString;
macro_rules! derefable {
($ty:ident, $inner:ty) => {
impl From<$inner> for $ty {
fn from(value: $inner) -> Self {
Self(value)
}
}
impl core::ops::Deref for $ty {
type Target = $inner;
fn deref(&self) -> &Self::Target {
&self.0
}
}
impl core::ops::DerefMut for $ty {
fn deref_mut(&mut self) -> &mut Self::Target {
&mut self.0
}
}
};
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct Certificate {
pub tbs_certificate: TbsCertificate,
pub signature_algorithm: AlgorithmIdentifier,
pub signature_value: BitString,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct TbsCertificate {
#[rasn(tag(explicit(0)), default)]
pub version: Version,
pub serial_number: CertificateSerialNumber,
pub signature: AlgorithmIdentifier,
pub issuer: Name,
pub validity: Validity,
pub subject: Name,
pub subject_public_key_info: SubjectPublicKeyInfo,
#[rasn(tag(1))]
pub issuer_unique_id: Option<UniqueIdentifier>,
#[rasn(tag(2))]
pub subject_unique_id: Option<UniqueIdentifier>,
#[rasn(tag(explicit(3)))]
pub extensions: Option<Extensions>,
}
#[derive(AsnType, Clone, Copy, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate)]
pub struct Version(u64);
impl Version {
pub const V1: Self = Self(0);
pub const V2: Self = Self(1);
pub const V3: Self = Self(2);
pub fn raw_value(self) -> u64 {
self.0
}
}
impl Default for Version {
fn default() -> Self {
Self::V1
}
}
impl core::fmt::Display for Version {
fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
core::write!(f, "{}", self.0.saturating_add(1))
}
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct TrustAnchorInfo {
#[rasn(tag(explicit(1)), default)]
pub version: TrustAnchorInfoVersion,
pub pub_key: SubjectPublicKeyInfo,
pub key_id: KeyIdentifier,
pub ta_title: Option<TrustAnchorTitle>,
pub cert_path: Option<CertPathControls>,
#[rasn(tag(explicit(1)))]
pub exts: Option<Extensions>,
#[rasn(tag(2))]
pub ta_title_lang_tag: Option<Utf8String>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct CertPathControls {
pub ta_name: Name,
#[rasn(tag(0))]
pub certificate: Option<Certificate>,
#[rasn(tag(1))]
pub policy_set: Option<CertificatePolicies>,
#[rasn(tag(2))]
pub policy_flags: Option<CertPolicyFlags>,
#[rasn(tag(3))]
pub name_constr: Option<NameConstraints>,
#[rasn(tag(4))]
pub path_len_constraint: Option<Integer>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum TrustAnchorChoice {
Certificate(Certificate),
#[rasn(tag(explicit(1)))]
TbsCertificate(TbsCertificate),
#[rasn(tag(explicit(2)))]
TrustAnchorInfo(TrustAnchorInfo),
}
#[derive(AsnType, Clone, Copy, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct Validity {
pub not_before: Time,
pub not_after: Time,
}
#[derive(AsnType, Clone, Copy, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum Time {
Utc(UtcTime),
General(GeneralizedTime),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct SubjectPublicKeyInfo {
pub algorithm: AlgorithmIdentifier,
pub subject_public_key: BitString,
}
#[derive(AsnType, Default, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct AuthorityKeyIdentifier {
#[rasn(tag(0))]
pub key_identifier: Option<KeyIdentifier>,
#[rasn(tag(1))]
pub authority_cert_issuer: Option<GeneralNames>,
#[rasn(tag(2))]
pub authority_cert_serial_number: Option<CertificateSerialNumber>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct Extension {
pub extn_id: ObjectIdentifier,
#[rasn(default)]
pub critical: bool,
pub extn_value: OctetString,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct CertificateList {
pub tbs_cert_list: TbsCertList,
pub signature_algorithm: AlgorithmIdentifier,
pub signature: BitString,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct TbsCertList {
pub version: Version,
pub signature: AlgorithmIdentifier,
pub issuer: Name,
pub this_update: Time,
pub next_update: Option<Time>,
pub revoked_certificates: SequenceOf<RevokedCerificate>,
#[rasn(tag(explicit(0)))]
pub crl_extensions: Option<Extensions>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct RevokedCerificate {
pub user_certificate: CertificateSerialNumber,
pub revocation_date: Time,
pub crl_entry_extensions: Option<Extensions>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct AlgorithmIdentifier {
pub algorithm: ObjectIdentifier,
pub parameters: Option<Any>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct OrAddress {
pub built_in_standard_attributes: BuiltInStandardAttributes,
pub built_in_domain_defined_attributes: Option<BuiltInDomainDefinedAttributes>,
pub extension_attributes: Option<ExtensionAttributes>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct BuiltInStandardAttributes {
pub country_name: Option<CountryName>,
pub administraion_domain_name: Option<AdministrationDomainName>,
#[rasn(tag(0))]
pub network_address: Option<NetworkAddress>,
#[rasn(tag(1))]
pub terminal_identifier: Option<TerminalIdentifier>,
#[rasn(tag(2))]
pub private_domain_name: Option<PrivateDomainName>,
#[rasn(tag(3))]
pub organisation_name: Option<OrganisationName>,
#[rasn(tag(4))]
pub numeric_user_identifier: Option<NumericUserIdentifier>,
#[rasn(tag(5))]
pub personal_name: Option<PersonalName>,
#[rasn(tag(6))]
pub organisational_unit_name: Option<OrganisationalUnitNames>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1..=4"))]
pub struct BuiltInDomainDefinedAttributes(SequenceOf<BuiltInDomainDefinedAttribute>);
derefable!(
BuiltInDomainDefinedAttributes,
SequenceOf<BuiltInDomainDefinedAttribute>
);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct BuiltInDomainDefinedAttribute {
#[rasn(size("1..=8"))]
pub r#type: PrintableString,
#[rasn(size("1..=128"))]
pub value: PrintableString,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(tag(explicit(application, 1)))]
#[rasn(choice)]
pub enum CountryName {
#[rasn(size(3))]
X121DccCode(NumericString),
#[rasn(size(2))]
Iso3166Alpha2Code(PrintableString),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum PrivateDomainName {
#[rasn(size("1..=16"))]
Numeric(NumericString),
#[rasn(size("1..=16"))]
Printable(PrintableString),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(tag(explicit(application, 2)), choice)]
pub enum AdministrationDomainName {
#[rasn(size("0..=16"))]
Numeric(NumericString),
#[rasn(size("0..=16"))]
Printable(PrintableString),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(set)]
pub struct PersonalName {
#[rasn(tag(0))]
pub surname: PrintableString,
#[rasn(tag(1))]
pub given_name: Option<PrintableString>,
#[rasn(tag(2))]
pub initials: Option<PrintableString>,
#[rasn(tag(3))]
pub generation_qualifier: Option<PrintableString>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1..=4"))]
pub struct OrganisationalUnitNames(SequenceOf<OrganisationalUnitName>);
derefable!(OrganisationalUnitNames, SequenceOf<OrganisationalUnitName>);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1..=32"))]
pub struct OrganisationalUnitName(PrintableString);
derefable!(OrganisationalUnitName, PrintableString);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1.."))]
pub struct Extensions(SequenceOf<Extension>);
derefable!(Extensions, SequenceOf<Extension>);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1.."))]
pub struct RelativeDistinguishedName(SetOf<AttributeTypeAndValue>);
derefable!(RelativeDistinguishedName, SetOf<AttributeTypeAndValue>);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1..=256"))]
pub struct ExtensionAttributes(SetOf<ExtensionAttribute>);
derefable!(ExtensionAttributes, SetOf<ExtensionAttribute>);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct ExtensionAttribute {
#[rasn(tag(0), value("0..=256"))]
pub extension_attribute_type: u16,
#[rasn(tag(1))]
pub extension_attribute_value: Any,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(set)]
pub struct TeletexPersonalName {
#[rasn(tag(0), size("1..=40"))]
pub surname: TeletexString,
#[rasn(tag(1), size("1..=16"))]
pub given_name: Option<TeletexString>,
#[rasn(tag(2), size("1..=5"))]
pub initials: Option<TeletexString>,
#[rasn(tag(3), size("1..=3"))]
pub generation_qualifier: Option<TeletexString>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum PhysicalDeliveryCountryName {
#[rasn(size(3))]
X121DccCode(NumericString),
#[rasn(size(2))]
Iso3166Alpha2Code(PrintableString),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum PostalCode {
#[rasn(size("1..=16"))]
Numeric(NumericString),
#[rasn(size("1..=16"))]
Printable(PrintableString),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1..=64"))]
pub struct CommonName(PrintableString);
derefable!(CommonName, PrintableString);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1..=64"))]
pub struct TeletexCommonName(TeletexString);
derefable!(TeletexCommonName, TeletexString);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1..=64"))]
pub struct TeletexOrganizationName(TeletexString);
derefable!(TeletexOrganizationName, TeletexString);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1..=4"))]
pub struct TeletexOrganisationalUnitNames(SequenceOf<TeletexOrganisationalUnitName>);
derefable!(
TeletexOrganisationalUnitNames,
SequenceOf<TeletexOrganisationalUnitName>
);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1..=32"))]
pub struct TeletexOrganisationalUnitName(TeletexString);
derefable!(TeletexOrganisationalUnitName, TeletexString);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1..=16"))]
pub struct PdsName(PrintableString);
derefable!(PdsName, PrintableString);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1..=30"))]
pub struct PrintableAddress(PrintableString);
derefable!(PrintableAddress, PrintableString);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1..=180"))]
pub struct TeletexAddress(TeletexString);
derefable!(TeletexAddress, TeletexString);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(set)]
pub struct UnformattedPostalAddress {
#[rasn(size("1..=6"))]
pub printable_address: Option<SequenceOf<PrintableAddress>>,
pub teletex_string: Option<TeletexAddress>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(set)]
pub struct PdsParameter {
#[rasn(size("1..=30"))]
pub printable_string: Option<PrintableString>,
#[rasn(size("1..=30"))]
pub teletex_string: Option<TeletexString>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum ExtendedNetworkAddress {
E1634Address(E1634Address),
#[rasn(tag(0))]
PsapAddress(PresentationAddress),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct E1634Address {
#[rasn(tag(0), size("1..=15"))]
pub number: NumericString,
#[rasn(tag(1), size("1..=40"))]
pub sub_address: Option<NumericString>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct PresentationAddress {
#[rasn(tag(explicit(0)))]
pub p_selector: Option<OctetString>,
#[rasn(tag(explicit(1)))]
pub s_selector: Option<OctetString>,
#[rasn(tag(explicit(2)))]
pub t_selector: Option<OctetString>,
#[rasn(tag(explicit(3)), size("1.."))]
pub n_addresses: SetOf<OctetString>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1..=4"))]
pub struct TeletexDomainDefinedAttributes(SequenceOf<TeletexDomainDefinedAttribute>);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct TeletexDomainDefinedAttribute {
#[rasn(size("1..=8"))]
pub r#type: TeletexString,
#[rasn(size("1..=128"))]
pub value: TeletexString,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum Name {
RdnSequence(RdnSequence),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialOrd, Ord, PartialEq, Eq, Hash)]
pub struct Attribute {
pub r#type: AttributeType,
pub values: SetOf<AttributeValue>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialOrd, Ord, PartialEq, Eq, Hash)]
pub struct AttributeTypeAndValue {
pub r#type: AttributeType,
pub value: AttributeValue,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct PolicyInformation {
pub policy_identifier: CertPolicyId,
pub policy_qualifiers: Option<SequenceOf<PolicyQualifierInfo>>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct PolicyQualifierInfo {
pub id: PolicyQualifierId,
pub qualifier: Any,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct UserNotice {
pub notice_ref: Option<NoticeReference>,
pub explicit_text: Option<DisplayText>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct NoticeReference {
pub organisation: DisplayText,
pub notice_numbers: SequenceOf<Integer>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum DisplayText {
Ia5String(Ia5String),
VisibleString(VisibleString),
BmpString(BmpString),
Utf8String(Utf8String),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct PolicyMapping {
pub issuer_domain_policy: CertPolicyId,
pub subject_domain_policy: CertPolicyId,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum GeneralName {
#[rasn(tag(0))]
OtherName(InstanceOf<OctetString>),
#[rasn(tag(1))]
Rfc822Name(Ia5String),
#[rasn(tag(2))]
DnsName(Ia5String),
#[rasn(tag(3))]
X400Address(alloc::boxed::Box<OrAddress>),
#[rasn(tag(4))]
DirectoryName(Name),
#[rasn(tag(5))]
EdiPartyName(EdiPartyName),
#[rasn(tag(6))]
Uri(Ia5String),
#[rasn(tag(7))]
IpAddress(OctetString),
#[rasn(tag(8))]
RegisteredId(ObjectIdentifier),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct EdiPartyName {
#[rasn(tag(0))]
pub name_assigner: Option<DirectoryString>,
#[rasn(tag(1))]
pub party_name: DirectoryString,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size(2))]
pub struct X520CountryName(PrintableString);
derefable!(X520CountryName, PrintableString);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(delegate, size("1..=64"))]
pub struct X520SerialNumber(PrintableString);
derefable!(X520SerialNumber, PrintableString);
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum X520StateOrProvinceName {
#[rasn(size("1..=128"))]
Teletex(TeletexString),
#[rasn(size("1..=128"))]
Printable(PrintableString),
#[rasn(size("1..=128"))]
Universal(UniversalString),
#[rasn(size("1..=128"))]
Utf8(Utf8String),
#[rasn(size("1..=128"))]
Bmp(BmpString),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum X520OrganisationName {
#[rasn(size("1..=64"))]
Teletex(TeletexString),
#[rasn(size("1..=64"))]
Printable(PrintableString),
#[rasn(size("1..=64"))]
Universal(UniversalString),
#[rasn(size("1..=64"))]
Utf8(Utf8String),
#[rasn(size("1..=64"))]
Bmp(BmpString),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum X520OrganisationalUnitName {
#[rasn(size("1..=64"))]
Teletex(TeletexString),
#[rasn(size("1..=64"))]
Printable(PrintableString),
#[rasn(size("1..=64"))]
Universal(UniversalString),
#[rasn(size("1..=64"))]
Utf8(Utf8String),
#[rasn(size("1..=64"))]
Bmp(BmpString),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum X520Title {
#[rasn(size("1..=64"))]
Teletex(TeletexString),
#[rasn(size("1..=64"))]
Printable(PrintableString),
#[rasn(size("1..=64"))]
Universal(UniversalString),
#[rasn(size("1..=64"))]
Utf8(Utf8String),
#[rasn(size("1..=64"))]
Bmp(BmpString),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum X520Pseudonym {
#[rasn(size("1..=128"))]
Teletex(TeletexString),
#[rasn(size("1..=128"))]
Printable(PrintableString),
#[rasn(size("1..=128"))]
Universal(UniversalString),
#[rasn(size("1..=128"))]
Utf8(Utf8String),
#[rasn(size("1..=128"))]
Bmp(BmpString),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum X520LocalityName {
#[rasn(size("1..=128"))]
Teletex(TeletexString),
#[rasn(size("1..=128"))]
Printable(PrintableString),
#[rasn(size("1..=128"))]
Universal(UniversalString),
#[rasn(size("1..=128"))]
Utf8(Utf8String),
#[rasn(size("1..=128"))]
Bmp(BmpString),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum X520Name {
#[rasn(size("1..=32768"))]
Teletex(TeletexString),
#[rasn(size("1..=32768"))]
Printable(PrintableString),
#[rasn(size("1..=32768"))]
Universal(UniversalString),
#[rasn(size("1..=32768"))]
Utf8(Utf8String),
#[rasn(size("1..=32768"))]
Bmp(BmpString),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum X520CommonName {
#[rasn(size("1..=64"))]
Teletex(TeletexString),
#[rasn(size("1..=64"))]
Printable(PrintableString),
#[rasn(size("1..=64"))]
Universal(UniversalString),
#[rasn(size("1..=64"))]
Utf8(Utf8String),
#[rasn(size("1..=64"))]
Bmp(BmpString),
}
macro_rules! directory_string_compat {
($($from:ident),+ $(,)?) => {
$(
impl PartialEq<$from> for DirectoryString {
fn eq(&self, rhs: &$from) -> bool {
match (rhs, self) {
($from::Teletex(lhs), Self::Teletex(rhs)) => lhs == rhs,
($from::Printable(lhs), Self::Printable(rhs)) => lhs == rhs,
($from::Universal(lhs), Self::Universal(rhs)) => lhs == rhs,
($from::Utf8(lhs), Self::Utf8(rhs)) => lhs == rhs,
($from::Bmp(lhs), Self::Bmp(rhs)) => lhs == rhs,
_ => false,
}
}
}
impl From<$from> for DirectoryString {
fn from(value: $from) -> Self {
match value {
$from::Teletex(value) => Self::Teletex(value),
$from::Printable(value) => Self::Printable(value),
$from::Universal(value) => Self::Universal(value),
$from::Utf8(value) => Self::Utf8(value),
$from::Bmp(value) => Self::Bmp(value),
}
}
}
)+
}
}
directory_string_compat! {
X520Name,
X520CommonName,
X520LocalityName,
X520Pseudonym,
X520Title,
X520OrganisationalUnitName,
X520OrganisationName,
X520StateOrProvinceName,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum DirectoryString {
#[rasn(size("1.."))]
Teletex(TeletexString),
#[rasn(size("1.."))]
Printable(PrintableString),
#[rasn(size("1.."))]
Universal(UniversalString),
#[rasn(size("1.."))]
Utf8(Utf8String),
#[rasn(size("1.."))]
Bmp(BmpString),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct BasicConstraints {
#[rasn(default)]
pub ca: bool,
pub path_len_constraint: Option<Integer>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct NameConstraints {
#[rasn(tag(0))]
pub permitted_subtrees: Option<GeneralSubtrees>,
#[rasn(tag(1))]
pub excluded_subtrees: Option<GeneralSubtrees>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct GeneralSubtree {
pub base: GeneralName,
#[rasn(tag(0), default)]
pub minimum: BaseDistance,
#[rasn(tag(1))]
pub maximum: Option<BaseDistance>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct PolicyConstraints {
#[rasn(tag(0))]
pub require_explicit_policy: Option<SkipCerts>,
#[rasn(tag(1))]
pub inhibit_policy_mapping: Option<SkipCerts>,
}
#[derive(AsnType, Clone, Debug, Default, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct DistributionPoint {
#[rasn(tag(0))]
pub distribution_point: Option<DistributionPointName>,
#[rasn(tag(1))]
pub reasons: Option<ReasonFlags>,
#[rasn(tag(2))]
pub crl_issuer: Option<GeneralNames>,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(choice)]
pub enum DistributionPointName {
#[rasn(tag(0))]
FullName(GeneralNames),
#[rasn(tag(1))]
NameRelativeToCrlIssuer(RelativeDistinguishedName),
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct AccessDescription {
pub access_method: ObjectIdentifier,
pub access_location: GeneralName,
}
#[derive(AsnType, Clone, Copy, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
#[rasn(enumerated)]
pub enum CrlReason {
Unspecified = 0,
KeyCompromise = 1,
CaCompromise = 2,
AffiliationChanged = 3,
Superseded = 4,
CessationOfOperation = 5,
CertificateHold = 6,
RemoveFromCRL = 8,
PrivilegeWithdrawn = 9,
AaCompromise = 10,
}
#[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct IssuingDistributionPoint {
#[rasn(tag(0))]
pub distribution_point: Option<DistributionPointName>,
#[rasn(tag(1), default)]
pub only_contains_user_certs: bool,
#[rasn(tag(2), default)]
pub only_contains_ca_certs: bool,
#[rasn(tag(3))]
pub only_some_reasons: Option<ReasonFlags>,
#[rasn(tag(4), default)]
pub indirect_crl: bool,
#[rasn(tag(5), default)]
pub only_contains_attribute_certs: bool,
}
#[cfg(test)]
mod tests {
extern crate alloc;
use super::*;
#[test]
fn time() {
rasn::der::decode::<Time>(&[
0x17, 0x0D, 0x31, 0x38, 0x30, 0x32, 0x30, 0x39, 0x31, 0x32, 0x33, 0x32, 0x30, 0x37,
0x5A,
])
.unwrap();
}
#[test]
fn algorithm_identifier() {
let expected_de = AlgorithmIdentifier {
algorithm: ObjectIdentifier::new_unchecked((&[1, 2, 840, 113549, 1, 1, 1][..]).into()),
parameters: Some(Any::new(rasn::der::encode(&()).unwrap())),
};
let expected_enc = &[
0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05,
0x00,
][..];
assert_eq!(expected_enc, rasn::der::encode(&expected_de).unwrap());
assert_eq!(expected_de, rasn::der::decode(&expected_enc).unwrap());
}
#[test]
fn certificate_policies() {
let expected_de: CertificatePolicies = alloc::vec![
PolicyInformation {
policy_identifier: ObjectIdentifier::new_unchecked(
(&[2, 23, 140, 1, 2, 1][..]).into()
),
policy_qualifiers: None,
},
PolicyInformation {
policy_identifier: ObjectIdentifier::new_unchecked(
(&[1, 3, 6, 1, 4, 1, 44947, 1, 1, 1][..]).into()
),
policy_qualifiers: Some(alloc::vec![PolicyQualifierInfo {
id: ObjectIdentifier::new_unchecked((&[1, 3, 6, 1, 5, 5, 7, 2, 1][..]).into()),
qualifier: Any::new(
rasn::der::encode(
&Ia5String::try_from(alloc::string::String::from(
"http://cps.root-x1.letsencrypt.org"
))
.unwrap()
)
.unwrap()
),
}]),
}
];
let expected_enc = &[
0x30, 0x4B, 0x30, 0x08, 0x06, 0x06, 0x67, 0x81, 0x0C, 0x01, 0x02, 0x01, 0x30, 0x3F,
0x06, 0x0B, 0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0xDF, 0x13, 0x01, 0x01, 0x01, 0x30,
0x30, 0x30, 0x2E, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x02, 0x01, 0x16,
0x22, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x63, 0x70, 0x73, 0x2E, 0x72, 0x6F,
0x6F, 0x74, 0x2D, 0x78, 0x31, 0x2E, 0x6C, 0x65, 0x74, 0x73, 0x65, 0x6E, 0x63, 0x72,
0x79, 0x70, 0x74, 0x2E, 0x6F, 0x72, 0x67,
][..];
assert_eq!(expected_enc, rasn::der::encode(&expected_de).unwrap());
assert_eq!(
expected_de,
rasn::der::decode::<CertificatePolicies>(&expected_enc).unwrap()
);
}
}