Skip to content

Commit

Permalink
Temporarily pick up git branch for pki-types
Browse files Browse the repository at this point in the history
  • Loading branch information
@djc
djc committed Nov 23, 2023
1 parent 4e6831f commit b8092c5
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 11 deletions.
6 changes: 3 additions & 3 deletions Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ homepage = "https://github.com/rustls/webpki-roots"
repository = "https://github.com/rustls/webpki-roots"

[dependencies]
pki-types = { package = "rustls-pki-types", version = "0.2", default-features = false }
pki-types = { package = "rustls-pki-types", version = "0.2.2", git = "https://github.com/rustls/pki-types", rev = "f5691e203714613cf0ff3316bad17523cd41b105", default-features = false }

[dev-dependencies]
chrono = { version = "0.4.26", default-features = false, features = ["clock"] }
Expand All @@ -20,9 +20,9 @@ percent-encoding = "2.3"
rcgen = "0.11.1"
reqwest = { version = "0.11", features = ["rustls-tls-manual-roots"] }
ring = "0.17.0"
rustls-pemfile = "2.0.0-alpha.1"
rustls-pemfile = { version = "=2.0.0-alpha.2", git = "https://github.com/rustls/pemfile", rev = "cb401aa4f1153d85c7f5a26f7fd40acbb22cfefe" }
serde = { version = "1.0.183", features = ["derive"] }
tokio = { version = "1", features = ["macros", "rt-multi-thread"] }
webpki = { package = "rustls-webpki", version = "=0.102.0-alpha.6" }
webpki = { package = "rustls-webpki", version = "=0.102.0-alpha.7", git = "https://github.com/rustls/webpki", rev = "5d67b622685ed4a9eff05856de0ee621fa57b7ae", features = ["alloc"] }
x509-parser = "0.15.1"
yasna = "0.5.2"
4 changes: 2 additions & 2 deletions tests/codegen.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ use num_bigint::BigUint;
use pki_types::CertificateDer;
use ring::digest;
use serde::Deserialize;
use webpki::extract_trust_anchor;
use webpki::anchor_from_trusted_cert;
use x509_parser::prelude::AttributeTypeAndValue;
use x509_parser::x509::X509Name;

Expand Down Expand Up @@ -92,7 +92,7 @@ async fn new_generated_code_is_fresh() {
assert_eq!(calculated_fp.as_ref(), metadata_fp.as_slice());

let ta_der = CertificateDer::from(der.as_ref());
let ta = extract_trust_anchor(&ta_der).expect("malformed trust anchor der");
let ta = anchor_from_trusted_cert(&ta_der).expect("malformed trust anchor der");
subject.clear();
for &b in ta.subject.as_ref() {
write!(&mut subject, "{}", escape_default(b)).unwrap();
Expand Down
12 changes: 6 additions & 6 deletions tests/verify.rs
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
use core::time::Duration;
use std::convert::TryFrom;

use pki_types::{CertificateDer, SignatureVerificationAlgorithm, UnixTime};
use pki_types::{CertificateDer, SignatureVerificationAlgorithm, UnixTime, ServerName};
use rcgen::{BasicConstraints, Certificate, CertificateParams, DnType, IsCa, KeyUsagePurpose};
use webpki::{extract_trust_anchor, EndEntityCert, Error, KeyUsage, SubjectNameRef};
use webpki::{anchor_from_trusted_cert, EndEntityCert, Error, KeyUsage};
use x509_parser::extensions::{GeneralName, NameConstraints as X509ParserNameConstraints};
use x509_parser::prelude::FromDer;

Expand All @@ -17,7 +17,7 @@ fn name_constraints() {
{
let time = UnixTime::since_unix_epoch(Duration::from_secs(0x40000000)); // Time matching rcgen default.
let test_case = ConstraintTest::new(name_constraints.as_ref());
let trust_anchors = &[extract_trust_anchor(&test_case.trust_anchor).unwrap()];
let trust_anchors = &[anchor_from_trusted_cert(&test_case.trust_anchor).unwrap()];

// Each permitted EE should verify without error.
for permitted_ee in test_case.permitted_certs {
Expand Down Expand Up @@ -165,7 +165,7 @@ fn tubitak_name_constraint_works() {
let inter = CertificateDer::from(&include_bytes!("data/tubitak/inter.der")[..]);
let subj = CertificateDer::from(&include_bytes!("data/tubitak/subj.der")[..]);

let roots = [extract_trust_anchor(&root).unwrap().to_owned()];
let roots = [anchor_from_trusted_cert(&root).unwrap().to_owned()];
let now = UnixTime::since_unix_epoch(Duration::from_secs(1493668479));
let cert = EndEntityCert::try_from(&subj).unwrap();
cert.verify_for_usage(
Expand All @@ -179,8 +179,8 @@ fn tubitak_name_constraint_works() {
)
.unwrap();

let subject = SubjectNameRef::try_from_ascii_str("testssl.kamusm.gov.tr").unwrap();
cert.verify_is_valid_for_subject_name(subject).unwrap();
let subject = ServerName::try_from("testssl.kamusm.gov.tr").unwrap();
cert.verify_is_valid_for_subject_name(&subject).unwrap();
}

static ALL_ALGORITHMS: &[&dyn SignatureVerificationAlgorithm] = &[
Expand Down

0 comments on commit b8092c5

Please sign in to comment.