Closed garthy closed 1 year ago
Urgh sorry about formatting. So happy to get it compile have forgotten to configure local ide/tools to fmt
This does compile and appear to generate a correct certificate w/ the Extended Key Usage extension for me. In fact, adding an extension can't cause signing to fail as only a SHA-256 of the TbsCertificate is signed. That failure is most likely an unrelated bug. What platform are you using and does current main branch fail in the same way? If so, please file another bug.
No worries. Can clean it up in a follow-up PR.
On Wed, Dec 14, 2022, 9:04 AM Garth Bushell @.***> wrote:
@.**** commented on this pull request.
In src/lib.rs https://github.com/oxidecomputer/pki-playground/pull/4#discussion_r1048735407 :
- }
- fn is_critical(&self) -> bool {
- self.is_critical
- }
- fn as_der(&self) -> &[u8] {
- &self.der
- } +}
+impl ExtendedKeyUsageExtension {
- pub(crate) fn from_config(config: &config::ExtendedKeyUsageExtension ) -> Result
{ - let mut der = Vec::new();
I totally forgot to do this!
— Reply to this email directly, view it on GitHub https://github.com/oxidecomputer/pki-playground/pull/4#discussion_r1048735407, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACIEHF7XZ2QLENUMKH4KU4LWNH42FANCNFSM6AAAAAAS5RNZCM . You are receiving this because you modified the open/close state.Message ID: @.***>
Fixes https://github.com/oxidecomputer/pki-playground/issues/3
This currently doesn't actually work and seems to fail if I add this to a cert
See https://github.com/oxidecomputer/pki-playground/pull/4/commits/acf2550546f3fd6301bdebc5386bec156e7c45b8#diff-33af558753e6a6c431cf99fd8f11fb026226a5f6767c6e782749259c5d993f1e