squashme: commit to push my shit!

Author: bitfl0wer

src/certs/mod.rs

@@ -177,14 +177,14 @@ pub fn equal_domain_components(name_1: &Name, name_2: &Name) -> bool {
     let mut domain_components_2 = Vec::new();
     for rdn in name_1.0.iter() {
         for ava in rdn.0.iter() {
-            if ava.oid.to_string().as_str() == OID_RDN_DOMAIN_COMPONENT {
+            if ava.oid == OID_RDN_DOMAIN_COMPONENT {
                 domain_components_1.push(String::from_utf8_lossy(ava.value.value()));
             }
         }
     }
     for rdn in name_2.0.iter() {
         for ava in rdn.0.iter() {
-            if ava.oid.to_string().as_str() == OID_RDN_DOMAIN_COMPONENT {
+            if ava.oid == OID_RDN_DOMAIN_COMPONENT {
                 domain_components_2.push(String::from_utf8_lossy(ava.value.value()));
             }
         }

src/constraints/name.rs

@@ -38,7 +38,7 @@ impl Constrained for Name {
                 "[Name::validate()] Determining OID of RDN {rdn} and performing appropriate validation"
             );
             for item in rdn.0.iter() {
-                match item.oid.to_string().as_str() {
+                match item.oid {
                     OID_RDN_UID => {
                         log::trace!("[Name::validate()] Found UID in RDN: {item}");
                         num_uid += 1;
@@ -106,9 +106,7 @@ impl Constrained for Name {
         } else if num_uid != 0 {
             validate_dc_matches_dc_in_uid(&vec_dc, &uid)?;
         }
-        log::trace!(
-            "Encountered {num_uid} UID components and {num_cn} Common Name components"
-        );
+        log::trace!("Encountered {num_uid} UID components and {num_cn} Common Name components");
         if num_uid != 0 && num_cn != 0 {
             log::trace!("Validating UID username matches Common Name");
             validate_uid_username_matches_cn(&uid, &cn)?;
@@ -163,16 +161,12 @@ fn validate_dc_matches_dc_in_uid(
     vec_dc: &[RelativeDistinguishedName],
     uid: &RelativeDistinguishedName,
 ) -> Result<(), ConstraintError> {
-    debug!(
-        "Validating vec_dc {vec_dc:?} and uid {uid} have same domain components"
-    );
+    debug!("Validating vec_dc {vec_dc:?} and uid {uid} have same domain components");
     // Find the position of the @ in the UID
     let position_of_at = match uid.to_string().find('@') {
         Some(pos) => pos,
         None => {
-            log::warn!(
-                "[validate_dc_matches_dc_in_uid] UID {uid} does not contain an @"
-            );
+            log::warn!("[validate_dc_matches_dc_in_uid] UID {uid} does not contain an @");
             return Err(ConstraintError::Malformed(Some(
                 "UID does not contain an @".to_string(),
             )));
@@ -245,9 +239,7 @@ fn validate_uid_username_matches_cn(
     let position_of_at = match uid_str.find('@') {
         Some(pos) => pos,
         None => {
-            log::warn!(
-                "[validate_dc_matches_dc_in_uid] UID \"{uid}\" does not contain an @"
-            );
+            log::warn!("[validate_dc_matches_dc_in_uid] UID \"{uid}\" does not contain an @");
             return Err(ConstraintError::Malformed(Some(
                 "UID does not contain an @".to_string(),
             )));

src/lib.rs

@@ -148,13 +148,15 @@ of this project.
 static ALLOC: wee_alloc::WeeAlloc = wee_alloc::WeeAlloc::INIT;
 
 /// The OID for the domainComponent RDN
-pub const OID_RDN_DOMAIN_COMPONENT: &str = "0.9.2342.19200300.100.1.25";
+pub const OID_RDN_DOMAIN_COMPONENT: ObjectIdentifier =
+    ObjectIdentifier::new_unwrap("0.9.2342.19200300.100.1.25");
 /// The OID for the commonName RDN
-pub const OID_RDN_COMMON_NAME: &str = "2.5.4.3";
+pub const OID_RDN_COMMON_NAME: ObjectIdentifier = ObjectIdentifier::new_unwrap("2.5.4.3");
 /// The OID for the uniqueIdentifier RDN
-pub const OID_RDN_UNIQUE_IDENTIFIER: &str = "0.9.2342.19200300.100.1.44";
+pub const OID_RDN_UNIQUE_IDENTIFIER: ObjectIdentifier =
+    ObjectIdentifier::new_unwrap("0.9.2342.19200300.100.1.44");
 /// The OID for the uid RDN
-pub const OID_RDN_UID: &str = "0.9.2342.19200300.100.1.1";
+pub const OID_RDN_UID: ObjectIdentifier = ObjectIdentifier::new_unwrap("0.9.2342.19200300.100.1.1");
 
 use certs::Target;
 use errors::base::ConstraintError;
@@ -184,6 +186,7 @@ mod constraints;
 
 pub use der;
 pub use spki;
+use spki::ObjectIdentifier;
 pub use url;
 pub use x509_cert::name::*;
 

src/types/pdn.rs

@@ -1,20 +1,29 @@
 use std::hash::Hash;
 
-use x509_cert::name::RelativeDistinguishedName;
+use x509_cert::attr::AttributeTypeAndValue;
+use x509_cert::name::{Name, RelativeDistinguishedName};
 
 use crate::certs::SessionId;
 use crate::types::{DomainName, FederationId};
+use crate::{
+    OID_RDN_COMMON_NAME, OID_RDN_DOMAIN_COMPONENT, OID_RDN_UID, OID_RDN_UNIQUE_IDENTIFIER,
+};
 
 /// Higher-level abstraction of X.509 [distinguished names](https://ldap.com/ldap-dns-and-rdns/),
 /// providing easier access to inner values compared to using [x509_cert::name::Name] in a raw manner.
 #[derive(Debug, Clone, PartialEq, Eq, Hash)]
 pub enum PolyprotoDistinguishedName {
-    /// A `pDN` with all necessary fields
+    /// A `pDN` with all necessary fields for an actor.
     ActorDn(ActorDN),
+    /// A `pDN` with all necessary fields for a home server.
     HomeServerDn(HomeServerDN),
 }
 
 #[derive(Debug, Clone, PartialEq, Eq)]
+/// A [PolyprotoDistinguishedName] with all necessary fields for an actor certificate.
+///
+/// This struct is a higher-level abstraction of X.509 [distinguished names](https://ldap.com/ldap-dns-and-rdns/),
+/// providing easier access to inner values compared to using [x509_cert::name::Name] in a raw manner.
 pub struct ActorDN {
     federation_id: FederationId,
     domain_name: DomainName,
@@ -34,6 +43,10 @@ impl Hash for ActorDN {
 }
 
 #[derive(Debug, Clone, PartialEq, Eq)]
+/// A [PolyprotoDistinguishedName] with all necessary fields for a home server certificate.
+///
+/// This struct is a higher-level abstraction of X.509 [distinguished names](https://ldap.com/ldap-dns-and-rdns/),
+/// providing easier access to inner values compared to using [x509_cert::name::Name] in a raw manner.
 pub struct HomeServerDN {
     domain_name: DomainName,
     additional_fields: Vec<RelativeDistinguishedName>,
@@ -47,3 +60,26 @@ impl Hash for HomeServerDN {
             .for_each(|additional_field| additional_field.to_string().hash(state));
     }
 }
+
+impl TryFrom<Name> for ActorDN {
+    type Error = crate::errors::InvalidInput;
+
+    fn try_from(x509_distinguished_name: Name) -> Result<Self, Self::Error> {
+        let federation_id: AttributeTypeAndValue;
+        let domain_name: AttributeTypeAndValue;
+        let session_id: AttributeTypeAndValue;
+        let additional_fields: AttributeTypeAndValue;
+        for relative_distinguished_name in x509_distinguished_name.0.into_iter() {
+            for attribute_value_and_item in relative_distinguished_name.0.iter() {
+                match attribute_value_and_item.oid {
+                    OID_RDN_COMMON_NAME => (),
+                    OID_RDN_UID => (),
+                    OID_RDN_UNIQUE_IDENTIFIER => (),
+                    OID_RDN_DOMAIN_COMPONENT => (),
+                    other => (),
+                }
+            }
+        }
+        todo!()
+    }
+}