mls_rs_identity_x509/
traits.rs

1// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
2// Copyright by contributors to this project.
3// SPDX-License-Identifier: (Apache-2.0 OR MIT)
4
5use crate::{DerCertificate, DerCertificateRequest};
6
7use alloc::vec::Vec;
8use mls_rs_core::{crypto::SignaturePublicKey, error::IntoAnyError};
9
10#[cfg(all(test, feature = "std"))]
11use mockall::automock;
12
13use alloc::string::String;
14
/// Subject alternative name (SAN) extension values.
///
/// Each variant carries its value as a plain `String`. Nothing in this type
/// validates or normalises the contents, so syntax checks (for example that an
/// `Ip` value is a well-formed address, or that a `Dns` value is a legal host
/// name) are left to the code that produces or consumes these values.
// NOTE(review): the per-variant meanings below are inferred from the variant
// names and the usual X.509 GeneralName choices; the actual encoding is decided
// by the reader/writer implementation — confirm there.
#[derive(Clone, Debug, Eq, Hash, PartialEq)]
pub enum SubjectAltName {
    /// E-mail address entry (presumably `rfc822Name`).
    Email(String),
    /// URI entry (presumably `uniformResourceIdentifier`).
    Uri(String),
    /// DNS name entry (presumably `dNSName`).
    Dns(String),
    /// Registered identifier entry (presumably `registeredID`, an OID in text form).
    Rid(String),
    /// IP address entry, held as text rather than as raw address bytes.
    Ip(String),
}
24
/// X.509 name components.
///
/// One variant per supported attribute of a certificate subject name, each
/// holding its value as a plain `String`. This type enforces no length,
/// character-set or format rules on those values; two components are equal only
/// when both the variant and the exact string match.
// NOTE(review): the short attribute names quoted below are the conventional
// X.520 / RFC 5280 ones and are inferred from the variant names; the OID each
// variant maps to is decided by the reader/writer implementation — confirm there.
#[derive(Clone, Debug, Eq, Hash, PartialEq)]
pub enum SubjectComponent {
    /// Common name (conventionally `CN`).
    CommonName(String),
    /// Surname (conventionally `SN`).
    Surname(String),
    /// Serial number attribute of the name.
    // NOTE(review): presumably the subject-name attribute, not the certificate's
    // own serial number field — confirm.
    SerialNumber(String),
    /// Country name (conventionally `C`).
    CountryName(String),
    /// Locality (conventionally `L`).
    Locality(String),
    /// State or province (conventionally `ST`).
    State(String),
    /// Street address.
    StreetAddress(String),
    /// Organization name (conventionally `O`).
    OrganizationName(String),
    /// Organizational unit (conventionally `OU`).
    OrganizationalUnit(String),
    /// Title.
    Title(String),
    /// Given name.
    GivenName(String),
    /// E-mail address carried inside the subject name.
    EmailAddress(String),
    /// User identifier (conventionally `UID`).
    UserId(String),
    /// Domain component (conventionally `DC`).
    DomainComponent(String),
    /// Initials.
    Initials(String),
    /// Generation qualifier.
    GenerationQualifier(String),
    /// Distinguished name qualifier.
    DistinguishedNameQualifier(String),
    /// Pseudonym.
    Pseudonym(String),
}
47
/// Parameters used to generate certificate requests.
///
/// The derived `Default` yields an empty subject, no subject alternative names
/// and `is_ca == false`, so a request for a CA certificate is always an explicit
/// choice by the caller.
// NOTE(review): these values describe what the requester asks for; whether an
// issuer honours them (in particular `is_ca`) is decided outside this type.
#[derive(Clone, Debug, Default, Eq, PartialEq)]
pub struct CertificateRequestParameters {
    /// Components of the requested subject name.
    // NOTE(review): presumably encoded in the order given — confirm in the writer.
    pub subject: Vec<SubjectComponent>,
    /// Subject alternative name entries to request.
    pub subject_alt_names: Vec<SubjectAltName>,
    /// Whether the request is for a certificate authority certificate.
    // NOTE(review): presumably mapped to the basic-constraints CA flag by the
    // writer implementation — confirm.
    pub is_ca: bool,
}
55
#[cfg_attr(all(test, feature = "std"), automock(type Error = crate::test_utils::TestError;))]
/// Trait for X.509 CSR writing.
///
/// Implementors turn a [`CertificateRequestParameters`] value into a
/// [`DerCertificateRequest`]. Under `cfg(all(test, feature = "std"))` a mock of
/// this trait is generated with `mockall`, using `crate::test_utils::TestError`
/// as the error type.
pub trait X509RequestWriter {
    // Error reported when a request cannot be produced; it must be convertible
    // through `IntoAnyError`.
    type Error: IntoAnyError;

    /// Produces a certificate request from `params`.
    ///
    /// `params` is taken by value. On failure the implementor's
    /// [`Error`](Self::Error) is returned.
    // NOTE(review): `params` carries no key material, so the key that signs the
    // request presumably lives in the implementor — confirm how that key is
    // provisioned and protected.
    fn write(
        &self,
        params: CertificateRequestParameters,
    ) -> Result<DerCertificateRequest, Self::Error>;
}
66
#[cfg_attr(all(test, feature = "std"), automock(type Error = crate::test_utils::TestError;))]
/// Trait for X.509 certificate parsing.
///
/// Every method takes a single [`DerCertificate`] and returns one piece of
/// information extracted from it. Under `cfg(all(test, feature = "std"))` a mock
/// of this trait is generated with `mockall`, using
/// `crate::test_utils::TestError` as the error type.
// NOTE(review): the signatures here only describe field extraction; nothing in
// this trait indicates that the certificate's signature, chain or validity
// period has been checked. Values returned by these methods come straight from
// certificate content, so callers should presumably treat them as untrusted
// until chain validation has succeeded elsewhere — confirm where that happens.
pub trait X509CertificateReader {
    // Error reported when a certificate cannot be parsed; it must be convertible
    // through `IntoAnyError`.
    type Error: IntoAnyError;

    /// DER-encoded bytes of a certificate subject field.
    fn subject_bytes(&self, certificate: &DerCertificate) -> Result<Vec<u8>, Self::Error>;

    /// Parsed certificate subject field components.
    ///
    /// The components are returned as [`SubjectComponent`] values, i.e. as plain
    /// strings tagged with their attribute kind.
    fn subject_components(
        &self,
        certificate: &DerCertificate,
    ) -> Result<Vec<SubjectComponent>, Self::Error>;

    /// Parsed subject alt name extensions of a certificate.
    ///
    /// The entries are returned as [`SubjectAltName`] values, i.e. as plain
    /// strings tagged with their entry kind.
    fn subject_alt_names(
        &self,
        certificate: &DerCertificate,
    ) -> Result<Vec<SubjectAltName>, Self::Error>;

    /// Get the subject public key of a certificate.
    // NOTE(review): the key is returned as a `SignaturePublicKey` with no
    // algorithm information in this signature — confirm that callers check the
    // key type against the expected signature scheme.
    fn public_key(&self, certificate: &DerCertificate) -> Result<SignaturePublicKey, Self::Error>;
}