Decoding Subject, public key info to be able to print #112
Comments
Thank you for your issue! I would definitely like to improve both the debug printing and the API for these types. Here's how I think this could be added to the project.
We could also change the
    enum AlgorithmIdentifier {
        Ed25519,
        Ecdsa(EcpkParameters),
        Unknown {
            algorithm: ObjectIdentifier,
            parameters: Option<Any>,
        }
    }
Then you'd add a manual decode and encode implementation that matches it into the original representation. |
Thanks for the quick answer. I have been looking at x509_parser for ideas, but rasn is abstracted more. |
If you mean just to get a slice it's
This currently does not exist, but you can see we do have table of OIDs already in the source code. So what's required is modifying this macro definition to generate a lookup table.
You should be calling
You can't rely on the tag statically as a type can override the static tag (for example; fields or newtypes). You want to match by OID. |
I am working on creating a search for OIDs. The idea that I am working on is creating a constant array of ConstOid and name |
You’re going to need to move this macro from being declarative, to being a procedural macro in |
I have written a Cert Request decode and encode but there is a problem with the public key in CSR. https://webencrypt.org/asn1js/ here is the openssl output openssl req -in tst.csr -text |
Could you provide a bit more detail, what's the problem specifically? |
I have written a Certificate signing request generation and decode. It works self contained, but I want to verify it using openssl. openssl ed25519 public key does not have any parameters so it expects the key material directly after the key_alg. I have placed a bug report for openssl. But I was wondering if rasn could not include a None option? |
Hmm, that doesn't seem right. In ASN.1 you don't set NULL when an Option is |
same. But I switch from Ia5String to Utf8String because Ia5String was giving me conversion issues |
use argparse::{ArgumentParser, StoreTrue, Store, StoreOption}; use ring::{ #[derive(AsnType, Clone, Copy, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)] impl Version {
} impl Default for Version { impl core::fmt::Display for Version { /// Attributes. #[derive(AsnType, Clone, Debug, Decode, Encode, PartialOrd, Ord, PartialEq, Eq, Hash)] #[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)] #[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)]
} fn rdprivkey(file: String) -> Ed25519KeyPair {
} pub fn mkAttribute(oidvec: Vec, val: &Utf8String) -> AttributeTypeAndValue { pub fn mkName(names: &Vec<(Vec,Utf8String)>) { } // CertificateRequestInfo
} fn main() {
} |
It looks like if it is none it should just return /// Encode the absent value of an optional field.
|
I found problem with ed25519 parameters. My fault |
@greenpdx Can I ask if there was a reason you were using pkcs8? Is there functionality in that crate that you'd like to see in the rasn PKIX crate? |
I would like to use polymorphic keys. There are three main algorithms I
use: ed25519, es256 and RSA. In the Ring crate the sub-variant needs to be
specified. In rasn the pkcs8 just returns a Document.
I would like a "KeyPair" struct
pub struct OneAsymmetricKey {
    pub algorithm: AlgorithmIdentifier,
    private_key: Vec<u8>,
    pub public_key: Vec<u8>,
}
impl OneAsymmetricKey {
    pub fn sign() {}
    pub fn verify() {}
    pub fn read_key() {} // If version one, reads or creates the public key
    pub fn fmt() {}
}
Then create macros to use the correct keys.
|
I have created a PKCS8 reader and debug display. How do I create a "switch" for the three different OIDs? #[derive(AsnType, Clone, Copy, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)] impl Version {
} impl Default for Version { impl core::fmt::Display for Version { #[derive(AsnType, Clone, Debug, Decode, Encode, PartialOrd, Ord, PartialEq, Eq, Hash)] impl PKCS8 {
} pub fn rd_keys(file: &String) -> PKCS8 {
} PKCS8 key |
I am working on CSR attributes. It is an option and there needs to be a [0] in the ASN1 #[derive(AsnType, Clone, Debug, Decode, Encode, PartialEq, Eq, PartialOrd, Ord, Hash)] SEQUENCE (2 elem) SubjectPublicKey |
@greenpdx It would be very helpful if you could use code blocks and formatting in your comments as it would make them easier for me to read.
Are you sure? That's how it's done everywhere else in the codebase. Could you run |
I like rasn but I am having a problem decoding tbs_certificate fields. subject, subject_public_key_info, ...
When I print the subject I get
RdnSequence([{AttributeTypeAndValue { type: ObjectIdentifier([2, 5, 4, 3]), value: Any { contents: [12, 8, 84, 80, 32, 83, 83, 32, 67, 65] } }}, {AttributeTypeAndValue { type: ObjectIdentifier([2, 5, 4, 6]), value: Any { contents: [19, 2, 67, 82] } }}, {AttributeTypeAndValue { type: ObjectIdentifier([2, 5, 4, 7]), value: Any { contents: [12, 8, 80, 97, 108, 109, 97, 114, 101, 115] } }}])
CN = TP SS CA, C = CR, L = Palmares
and subject public key info.
SubjectPublicKeyInfo { algorithm: AlgorithmIdentifier { algorithm: ObjectIdentifier([1, 3, 101, 112]), parameters: None }, subject_public_key: BitVec<u8, bitvec::order::Msb0> { addr: 0x557c4f6c8a10, head: 000, bits: 256, capacity: 256 } [0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 0, 1, 1, 0, 0, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 0, 1, 1, 0, 0, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 0, 1, 1, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 1, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 1, 1, 1, 0, 1, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 1, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 1, 0, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 1, 1, 1, 1, 0, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 1, 0, 1, 1, 1, 0, 0, 0, 0, 1, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 1, 0, 0, 1, 0, 1, 0, 0, 1, 0, 1, 0, 0, 1, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 1, 1, 1, 0, 0, 1, 1, 0, 1, 1, 0, 1, 1, 1, 0] }
I would like to print out something like this
Public Key Algorithm: ED25519
ED25519 Public-Key:
pub:
4b:02:d2:8c:eb:99:32:e9:bb:92:80:83:1d:56:9e:
79:75:c7:e4:2f:4a:99:51:70:a9:41:94:ca:53:27:
73:6e
If you could show a code snippet that I could use to decode and print the cert.
specifically,
BitVec -> u8,
from OID ObjectIdentifier([1, 3, 101, 112]) to Ed25519
ObjectIdentifier([2, 5, 4, 3]), -> CN
value: Any { contents: [12, 8, 84, 80, 32, 83, 83, 32, 67, 65] } } -> TP SS CA
I hope to make a PR that would add these features
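The three conversions asked for above (OID to name, `Any` contents to string, bit list to hex bytes), as an added std-only Rust example that is not from the rasn project and does not call its API. The function names are hypothetical and the inputs are the values quoted in the issue; the OID table follows the advice in the thread to match by OID rather than by tag.

```rust
// Added example (std-only, no rasn calls); all function names are hypothetical.
fn oid_name(arcs: &[u32]) -> Option<&'static str> {
    // The four OIDs that appear in the issue's debug output.
    const TABLE: &[(&[u32], &str)] = &[
        (&[2, 5, 4, 3], "CN"), (&[2, 5, 4, 6], "C"),
        (&[2, 5, 4, 7], "L"), (&[1, 3, 101, 112], "ED25519"),
    ];
    TABLE.iter().find(|(oid, _)| *oid == arcs).map(|(_, name)| *name)
}

fn is_printable(b: &u8) -> bool {
    b.is_ascii_alphanumeric() || b" '()+,-./:=?".contains(b)
}

/// Decode the DER string held in an `Any`: tag, short-form length, content.
fn der_string(any: &[u8]) -> Result<String, &'static str> {
    let (&tag, rest) = any.split_first().ok_or("empty value")?;
    let (&len, body) = rest.split_first().ok_or("missing length")?;
    if len >= 0x80 || body.len() != len as usize {
        return Err("long-form or inconsistent length");
    }
    match tag {
        0x0C => String::from_utf8(body.to_vec()).map_err(|_| "invalid UTF-8"), // UTF8String
        0x13 if body.iter().all(is_printable) => Ok(body.iter().map(|&b| b as char).collect()),
        0x13 => Err("byte outside the PrintableString alphabet"),
        _ => Err("unsupported string tag"),
    }
}

/// Pack `Msb0`-ordered bits (as printed for the BitVec) into colon-separated hex.
fn bits_to_hex(bits: &[u8]) -> Result<String, &'static str> {
    if bits.len() % 8 != 0 { return Err("bit length is not a whole number of bytes"); }
    let bytes = bits.chunks(8).map(|c| c.iter().fold(0u8, |acc, &b| (acc << 1) | (b & 1)));
    Ok(bytes.map(|b| format!("{:02x}", b)).collect::<Vec<_>>().join(":"))
}

/// Render one AttributeTypeAndValue as `NAME = value`, dotted OID if unknown.
fn render_attr(arcs: &[u32], any: &[u8]) -> Result<String, &'static str> {
    let name = oid_name(arcs).map(String::from).unwrap_or_else(|| {
        arcs.iter().map(|a| a.to_string()).collect::<Vec<_>>().join(".")
    });
    Ok(format!("{} = {}", name, der_string(any)?))
}

fn main() {
    println!("{:?}", render_attr(&[2, 5, 4, 3], &[12, 8, 84, 80, 32, 83, 83, 32, 67, 65]));
    println!("{:?}", bits_to_hex(&[0, 1, 0, 0, 1, 0, 1, 1, 0, 0, 0, 0, 0, 0, 1, 0]));
}
```

The length and alphabet checks matter because `Any` carries bytes the decoder has not validated; a value whose declared length disagrees with its content is rejected rather than printed.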