// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// Copyright by contributors to this project.
// SPDX-License-Identifier: (Apache-2.0 OR MIT)

#![cfg_attr(not(feature = "std"), no_std)]
extern crate alloc;

mod error;
mod identity_extractor;
mod provider;
mod traits;
mod util;

use alloc::vec::Vec;
use core::fmt::{self, Debug};

pub use error::*;
pub use identity_extractor::*;
pub use provider::*;
pub use traits::*;

pub use mls_rs_core::identity::{CertificateChain, DerCertificate};

#[cfg(all(test, target_arch = "wasm32"))]
wasm_bindgen_test::wasm_bindgen_test_configure!(run_in_browser);

/// X.509 certificate request held as DER-encoded bytes.
///
/// This is a plain newtype over `Vec<u8>`: the wrapper stores whatever bytes it is given and
/// carries no proof that they are well-formed DER or a validly signed request.
#[derive(Clone, PartialEq, Eq)]
pub struct DerCertificateRequest(Vec<u8>);

impl Debug for DerCertificateRequest {
    /// Debug-format the request via `mls_rs_core::debug::pretty_bytes`, labelled
    /// `DerCertificateRequest`.
    ///
    /// NOTE(review): how much of the payload ends up in the output is decided by
    /// `pretty_bytes` in `mls_rs_core`; a certificate request carries subject and public-key
    /// data, so confirm that format before debug-logging requests.
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        Debug::fmt(
            &mls_rs_core::debug::pretty_bytes(&self.0).named("DerCertificateRequest"),
            f,
        )
    }
}

impl DerCertificateRequest {
    /// Wrap `data` as a DER certificate request.
    ///
    /// The bytes are stored exactly as given. Nothing here parses them or checks that they are
    /// well-formed DER or a correctly signed request, so a request received from an untrusted
    /// peer still has to be validated before its contents are acted on.
    pub fn new(data: Vec<u8>) -> Self {
        Self(data)
    }

    /// Consume the request and return the underlying bytes unchanged.
    pub fn into_vec(self) -> Vec<u8> {
        let Self(bytes) = self;
        bytes
    }
}

impl From<Vec<u8>> for DerCertificateRequest {
    /// Wrap raw bytes as a certificate request; like the other constructors in this file,
    /// this performs no parsing or validation of `data`.
    fn from(data: Vec<u8>) -> Self {
        Self(data)
    }
}

impl AsRef<[u8]> for DerCertificateRequest {
    /// Borrow the stored request bytes without copying them.
    fn as_ref(&self) -> &[u8] {
        self.0.as_slice()
    }
}

#[cfg(all(test, feature = "std"))]
pub(crate) mod test_utils {
    //! Fixtures shared by this crate's unit tests.
    //!
    //! The module is compiled only for `test` builds with the `std` feature. The values it
    //! produces are placeholders, not real X.509 material: the "certificates" are random byte
    //! strings and the signature key is all zeroes.

    use alloc::vec;
    use mls_rs_core::{crypto::SignaturePublicKey, error::IntoAnyError, identity::SigningIdentity};
    use rand::{thread_rng, Rng};

    use crate::{CertificateChain, DerCertificate};

    /// Unit error type for tests; its display text is always "test error".
    #[derive(Debug, thiserror::Error)]
    #[error("test error")]
    pub struct TestError;

    impl IntoAnyError for TestError {
        /// Box the error as a `dyn Error`; this conversion never returns `Err`.
        fn into_dyn_error(self) -> Result<Box<dyn std::error::Error + Send + Sync>, Self> {
            let boxed: Box<dyn std::error::Error + Send + Sync> = Box::new(self);
            Ok(boxed)
        }
    }

    /// Build a three-entry chain whose entries are 32 random bytes each.
    ///
    /// The entries are not parseable certificates, so this is only useful for tests that treat
    /// the chain as opaque data.
    pub fn test_certificate_chain() -> CertificateChain {
        let random_cert = || {
            let mut blob = [0u8; 32];
            thread_rng().fill(&mut blob);
            DerCertificate::from(blob.to_vec())
        };

        core::iter::repeat_with(random_cert).take(3).collect()
    }

    /// Build a signing identity around a freshly generated random chain.
    pub fn test_signing_identity() -> SigningIdentity {
        test_signing_identity_with_chain(test_certificate_chain())
    }

    /// Build a signing identity whose credential is `chain`.
    ///
    /// The signature key is a fixed 128-byte all-zero placeholder; it is not derived from the
    /// chain and does not correspond to any key in it.
    pub fn test_signing_identity_with_chain(chain: CertificateChain) -> SigningIdentity {
        let signature_key = SignaturePublicKey::from(vec![0u8; 128]);
        let credential = chain.into_credential();

        SigningIdentity {
            signature_key,
            credential,
        }
    }
}