From c0afa153eac597a084c2cf8aecdd5179d56f3c7e Mon Sep 17 00:00:00 2001 From: dastansam Date: Tue, 14 May 2024 02:04:06 +0200 Subject: [PATCH] Use non-der encoded value of common name for auto id --- domains/pallets/auto-id/src/lib.rs | 6 ++--- domains/pallets/auto-id/src/tests.rs | 22 +++++++++---------- .../primitives/auto-id/src/host_functions.rs | 5 ++--- domains/primitives/auto-id/src/lib.rs | 4 ++-- 4 files changed, 17 insertions(+), 20 deletions(-) diff --git a/domains/pallets/auto-id/src/lib.rs b/domains/pallets/auto-id/src/lib.rs index 220f1dc14e..400a227fd2 100644 --- a/domains/pallets/auto-id/src/lib.rs +++ b/domains/pallets/auto-id/src/lib.rs @@ -53,8 +53,8 @@ pub struct X509Certificate { /// Serial number for this certificate pub serial: U256, /// Subject common name of the certificate. - pub subject_common_name: DerVec, - /// Der encoded certificate's subject's public key info + pub subject_common_name: Vec, + /// Der encoded certificate's subject's public key info. pub subject_public_key_info: DerVec, /// Validity of the certificate pub validity: Validity, @@ -76,7 +76,7 @@ pub enum Certificate { impl Certificate { /// Returns the subject distinguished name. #[cfg(test)] - fn subject_common_name(&self) -> DerVec { + fn subject_common_name(&self) -> Vec { match self { Certificate::X509(cert) => cert.subject_common_name.clone(), } diff --git a/domains/pallets/auto-id/src/tests.rs b/domains/pallets/auto-id/src/tests.rs index 3b5be186f2..5ca22b2ae1 100644 --- a/domains/pallets/auto-id/src/tests.rs +++ b/domains/pallets/auto-id/src/tests.rs @@ -135,8 +135,8 @@ fn identifier_from_x509_cert( .next() .unwrap() .attr_value() - .to_der_vec() - .unwrap(); + .as_bytes() + .to_vec(); if let Some(issuer_id) = issuer_id { let mut data = issuer_id.to_fixed_bytes().to_vec(); @@ -173,9 +173,8 @@ fn register_issuer_auto_id() -> Identifier { .next() .unwrap() .attr_value() - .to_der_vec() - .unwrap() - .into() + .as_bytes() + .to_vec() ); auto_id_identifier 
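Review bot: The doc comment on `subject_common_name` in the `-53,8` hunk does not say which encoding the bytes are in, which matters now that the neighbouring `subject_public_key_info` stays DER encoded while this field does not. I would write `/// Subject common name of the certificate: raw attribute value bytes, without the DER tag and length.` here and on the same field of `TbsCertificate` in `domains/primitives/auto-id/src/lib.rs`. In the `-76,7` hunk the accessor's doc still reads "Returns the subject distinguished name." although it returns the common name. No storage migration is visible in this patch, so if any AutoId was registered before it, the stored field would still hold DER bytes; that is worth confirming.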
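Review bot: The expected common name in `identifier_from_x509_cert` (hunk `-135,8`) is built with the same `.attr_value().as_bytes().to_vec()` call that the host function now uses, so the test mirrors the implementation instead of pinning what the bytes should be. The same pattern is in `register_issuer_auto_id` (`-173,9`) and `register_leaf_auto_id` (`-207,9`). Comparing against a byte literal of the fixture certificate's known common name at least once would catch a regression in how the value is extracted. The helper's body starts and ends outside the hunk, so the fixture's actual name is not visible here.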
@@ -207,9 +206,8 @@ fn register_leaf_auto_id(issuer_auto_id: Identifier) -> Identifier { .next() .unwrap() .attr_value() - .to_der_vec() - .unwrap() - .into(), + .as_bytes() + .to_vec() ); auto_id_identifier @@ -411,7 +409,7 @@ fn test_auto_id_identifier_is_deterministic() { let auto_id = crate::AutoId { certificate: Certificate::X509(X509Certificate { issuer_id: None, - subject_common_name: vec![0].into(), + subject_common_name: b"Test".to_vec(), validity: Validity { not_before: 0, not_after: 0, @@ -425,7 +423,7 @@ fn test_auto_id_identifier_is_deterministic() { }; let expected_auto_id_identifier = - "0x3170a2e7597b7b7e3d84c05391d139a62b157e78786d8c082f29dcf4c111314"; + "0x8d2143d76615c515b5cc88fa7806aef268edeea87571c8f8b21a19f77b9993ba"; assert_eq!( to_hex( &auto_id.certificate.derive_identifier().to_fixed_bytes(), @@ -437,7 +435,7 @@ fn test_auto_id_identifier_is_deterministic() { let auto_id_child = crate::AutoId { certificate: Certificate::X509(X509Certificate { issuer_id: Some(auto_id.certificate.derive_identifier()), - subject_common_name: vec![0].into(), + subject_common_name: b"child".to_vec(), validity: Validity { not_before: 0, not_after: 0, @@ -451,7 +449,7 @@ fn test_auto_id_identifier_is_deterministic() { }; let expected_auto_id_child_identifier = - "0x1f6c133e7bca8c7714c5c9df36562e5cd51304530cc85e583351167bb75e072f"; + "0xb273167fb0c55e2df1fcd5c44fcf90e497bd826e2eb4be2f167ff1c46b4d686d"; assert_eq!( to_hex( &auto_id_child diff --git a/domains/primitives/auto-id/src/host_functions.rs b/domains/primitives/auto-id/src/host_functions.rs index 253bc38ca5..7cae2491d0 100644 --- a/domains/primitives/auto-id/src/host_functions.rs +++ b/domains/primitives/auto-id/src/host_functions.rs 
@@ -1,7 +1,7 @@ use crate::{DerVec, SignatureVerificationRequest, TbsCertificate, Validity}; use sp_core::U256; use std::sync::Arc; -use x509_parser::der_parser::asn1_rs::{BitString, ToDer}; +use x509_parser::der_parser::asn1_rs::BitString; use x509_parser::prelude::{AlgorithmIdentifier, FromDer, SubjectPublicKeyInfo}; use x509_parser::verify::verify_signature; @@ -51,8 +51,7 @@ impl HostFunctions for HostFunctionsImpl { .subject .iter_common_name() .next() - .and_then(|cn| cn.attr_value().to_der_vec().ok())? - .into(); + .map(|cn| cn.attr_value().as_bytes().to_vec())?; Some(TbsCertificate { serial, diff --git a/domains/primitives/auto-id/src/lib.rs b/domains/primitives/auto-id/src/lib.rs index d7c5859c15..cb058555a2 100644 --- a/domains/primitives/auto-id/src/lib.rs +++ b/domains/primitives/auto-id/src/lib.rs @@ -103,8 +103,8 @@ pub struct TbsCertificate { /// Certificate serial number. pub serial: U256, /// Certificate subject common name. - pub subject_common_name: DerVec, - /// Certificate subject public key info. + pub subject_common_name: Vec, + /// Certificate subject public key info, der encoded. pub subject_public_key_info: DerVec, /// Certificate validity. pub validity: Validity,
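Review bot: `cn.attr_value().as_bytes()` in the `-51,8` hunk returns only the content octets, so the ASN.1 string type that the DER form used to carry is no longer part of `subject_common_name`. Common names with identical content bytes under different string types (for example PrintableString and UTF8String) now yield the same value, and a BMPString or a non-string value is stored as opaque bytes. If the AutoId identifier is derived from this field together with the issuer id, as the test helper suggests, more distinct subjects map to one identifier than before. Consider accepting only textual types, e.g. `.and_then(|cn| cn.as_str().ok()).map(|s| s.as_bytes().to_vec())?`, and rejecting an empty name. The enclosing function starts and ends outside the hunk.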