// Copyright (c) 2024 bitfl0wer // // This Source Code Form is subject to the terms of the Mozilla Public // License, v. 2.0. If a copy of the MPL was not distributed with this // file, You can obtain one at https://mozilla.org/MPL/2.0/. // This Source Code Form is subject to the terms of the Mozilla Public // License, v. 2.0. If a copy of the MPL was not distributed with this // file, You can obtain one at http://mozilla.org/MPL/2.0/. #![allow(unused)] use std::str::FromStr; use std::time::Duration; use crate::common::*; use der::asn1::{BitString, Ia5String, Uint, UtcTime}; use ed25519_dalek::{Signature as Ed25519DalekSignature, Signer, SigningKey, VerifyingKey}; use polyproto::certs::capabilities::{self, Capabilities}; use polyproto::certs::idcert::IdCert; use polyproto::certs::idcsr::IdCsr; use polyproto::certs::{PublicKeyInfo, Target}; use polyproto::key::{PrivateKey, PublicKey}; use polyproto::signature::Signature; use spki::{AlgorithmIdentifierOwned, ObjectIdentifier, SignatureBitStringEncoding}; use thiserror::Error; use x509_cert::attr::Attributes; use x509_cert::name::RdnSequence; use x509_cert::request::CertReq; use x509_cert::time::{Time, Validity}; use x509_cert::Certificate; #[cfg_attr(target_arch = "wasm32", wasm_bindgen_test::wasm_bindgen_test)] #[cfg_attr(not(target_arch = "wasm32"), test)] fn csr_from_pem() { init_logger(); let mut csprng = rand::rngs::OsRng; let priv_key = Ed25519PrivateKey::gen_keypair(&mut csprng); let csr = polyproto::certs::idcsr::IdCsr::new( &RdnSequence::from_str( "CN=flori,DC=polyphony,DC=chat,UID=flori@polyphony.chat,uniqueIdentifier=client1", ) .unwrap(), &priv_key, &Capabilities::default_actor(), Some(Target::Actor), ) .unwrap(); let data = csr.clone().to_pem(der::pem::LineEnding::LF).unwrap(); let csr_from_pem = IdCsr::from_pem(&data, Some(polyproto::certs::Target::Actor)).unwrap(); assert_eq!(csr_from_pem, csr); let csr = polyproto::certs::idcsr::IdCsr::new( &RdnSequence::from_str("CN=root,DC=polyphony,DC=chat").unwrap(), &priv_key, &Capabilities::default_home_server(), Some(Target::HomeServer), ) .unwrap(); let data = csr.clone().to_pem(der::pem::LineEnding::LF).unwrap(); let csr_from_pem = IdCsr::from_pem(&data, Some(polyproto::certs::Target::HomeServer)).unwrap(); assert_eq!(csr_from_pem, csr); } #[cfg_attr(target_arch = "wasm32", wasm_bindgen_test::wasm_bindgen_test)] #[cfg_attr(not(target_arch = "wasm32"), test)] fn test_create_invalid_actor_csr() { init_logger(); let mut csprng = rand::rngs::OsRng; let priv_key = Ed25519PrivateKey::gen_keypair(&mut csprng); println!("Private Key is: {:?}", priv_key.key.to_bytes()); println!("Public Key is: {:?}", priv_key.public_key.key.to_bytes()); println!(); let mut capabilities = Capabilities::default_actor(); // This is not allowed in actor certificates/csrs capabilities .key_usage .key_usages .push(capabilities::KeyUsage::KeyCertSign); let csr = polyproto::certs::idcsr::IdCsr::new( &RdnSequence::from_str( "CN=flori,DC=polyphony,DC=chat,UID=flori@polyphony.chat,uniqueIdentifier=client1", ) .unwrap(), &priv_key, &capabilities, Some(Target::Actor), ); assert!(csr.is_err()); } #[cfg_attr(target_arch = "wasm32", wasm_bindgen_test::wasm_bindgen_test)] #[cfg_attr(not(target_arch = "wasm32"), test)] fn csr_from_der() { init_logger(); let mut csprng = rand::rngs::OsRng; let priv_key = Ed25519PrivateKey::gen_keypair(&mut csprng); let csr = polyproto::certs::idcsr::IdCsr::new( &RdnSequence::from_str( "CN=flori,DC=polyphony,DC=chat,UID=flori@polyphony.chat,uniqueIdentifier=client1", ) .unwrap(), &priv_key, &Capabilities::default_actor(), Some(Target::Actor), ) .unwrap(); let data = csr.clone().to_der().unwrap(); let csr_from_der = IdCsr::from_der(&data, Some(polyproto::certs::Target::Actor)).unwrap(); assert_eq!(csr_from_der, csr); let csr = polyproto::certs::idcsr::IdCsr::new( &RdnSequence::from_str("CN=root,DC=polyphony,DC=chat").unwrap(), &priv_key, &Capabilities::default_home_server(), Some(Target::HomeServer), ) .unwrap(); let data = csr.clone().to_der().unwrap(); let csr_from_der = IdCsr::from_der(&data, Some(polyproto::certs::Target::HomeServer)).unwrap(); assert_eq!(csr_from_der, csr); }