Skip to content

Commit

Permalink
tls: update x509 crate to v0.8
Browse files Browse the repository at this point in the history 
Ticket: #5439

Fixes cetificate parsing without issuer, and do not require an
update to MSRV.
  • Loading branch information
@catenacyber
catenacyber committed Jul 6, 2023
1 parent afa58de commit e55d87b
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 11 deletions.
5 changes: 4 additions & 1 deletion rust/Cargo.toml.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,10 @@ ntp-parser = "0.4"
ipsec-parser = "0.5"
snmp-parser = "0.6"
tls-parser = "0.9"
x509-parser = "0.6.5"
# required by x509 to keep MSRV support
chrono = "=0.4.19"
thiserror = "=1.0.39"
x509-parser = "0.8.2"
libc = "0.2.67"

[dev-dependencies]
Expand Down
12 changes: 2 additions & 10 deletions rust/src/x509/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,12 +30,8 @@ pub enum X509DecodeError {
InvalidCert,
/// Some length does not match, or certificate is incomplete
InvalidLength,
InvalidVersion,
InvalidSerial,
InvalidAlgorithmIdentifier,
InvalidX509Name,
InvalidDate,
InvalidExtensions,
/// DER structure is invalid
InvalidDER,
}
Expand Down Expand Up @@ -112,8 +108,8 @@ pub unsafe extern "C" fn rs_x509_get_validity(
return -1;
}
let x509 = &*ptr;
let n_b = x509.0.tbs_certificate.validity.not_before.to_timespec().sec;
let n_a = x509.0.tbs_certificate.validity.not_after.to_timespec().sec;
let n_b = x509.0.tbs_certificate.validity.not_before.timestamp();
let n_a = x509.0.tbs_certificate.validity.not_after.timestamp();
*not_before = n_b;
*not_after = n_a;
0
Expand All @@ -136,12 +132,8 @@ fn x509_parse_error_to_errcode(e: &nom::Err<X509Error>) -> X509DecodeError {
match e {
nom::Err::Incomplete(_) => X509DecodeError::InvalidLength,
nom::Err::Error(e) | nom::Err::Failure(e) => match e {
X509Error::InvalidVersion => X509DecodeError::InvalidVersion,
X509Error::InvalidSerial => X509DecodeError::InvalidSerial,
X509Error::InvalidAlgorithmIdentifier => X509DecodeError::InvalidAlgorithmIdentifier,
X509Error::InvalidX509Name => X509DecodeError::InvalidX509Name,
X509Error::InvalidDate => X509DecodeError::InvalidDate,
X509Error::InvalidExtensions => X509DecodeError::InvalidExtensions,
X509Error::Der(_) => X509DecodeError::InvalidDER,
_ => X509DecodeError::InvalidCert,
},
Expand Down

0 comments on commit e55d87b

Please sign in to comment.