Open indygreg opened 3 years ago
chifflier
commented
3 years ago Hi,
Overall I'm not against the possibility to have owned objects. I think it will help serialization.
A switch to Cow is possible, and it would indeed allow owning objects. It will require to first convert the crate der-parser to an owned model, which is something I was considering in the roadmap for the next major version https://github.com/rusticata/der-parser/issues/37
Any help would be appreciated!
chifflier
commented
3 years ago I have committed a work-in-progress in branch cow-v0.1
I did not implement ToOwned yet. In der-parser I implemented to to_owned method manually (not sure if implementing the trait is needed) to return a 'static object. I'm wondering if that is also needed here.
@indygreg can you test this branch and give some feedback?
horazont
commented
2 years ago @chifflier Hi! I am facing a similar issue where I want to pass and persist the parsed X.509 structure somewhere. So using a Cow backing store makes sense to me.
However, trying to build the dev/cow-v0.1 branch, I get compiler errors:
Is that expected or am I holding it wrong?
baloo
commented
2 years ago I had a similar need and first thought it would be great to use Cow as well. (the commit just above is a rebase on the current master, if you need).
It ends up being just the same as you still need to handle the lifetime just the same. (My input buffer does not outlives the cert).
I ended up using ouroboros instead:
use std::fmt;
use ouroboros::self_referencing;
use x509_parser::{certificate::X509Certificate, prelude::FromDer};
#[self_referencing]
pub struct X509Cert {
der_buf: Vec<u8>,
#[borrows(der_buf)]
#[covariant]
cert: X509Certificate<'this>,
}
impl X509Cert {
pub fn from_der(der: &[u8]) -> Result<Self, ()> {
// Because we're self-referencing the buffer and the parsed certificate
// we need to parse it twice.
// Once to get the actual length of the buffer (and cut off any tail).
// And a second time to actually store the parsed value.
let (rest, _cert) = X509Certificate::from_der(der).map_err(|_| ())?;
let der_buf: Vec<u8> = der[..(der.len() - rest.len())].into();
X509CertTryBuilder {
der_buf,
cert_builder: |buf| match X509Certificate::from_der(&buf[..]) {
Err(_) => Err(()),
Ok((_rest, cert)) => Ok(cert),
},
}
.try_build()
}
pub fn cert(&self) -> &X509Certificate<'_> {
self.borrow_cert()
}
}
impl fmt::Debug for X509Cert {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
self.borrow_cert().fmt(f)
}
}That works for me, for now.
toksdotdev
commented
5 months ago I'm curious if this issue is still on the roadmap? I recently ran into a similar problem, and I'll prefer not to use the ouroboros crate which feels more like a workaround.
I accidentally [1] implemented my own x509 parser as part of implementing RFC 5652 for https://crates.io/crates/cryptographic-message-syntax. When I realized the horrors I had committed, I wanted to switch to using this crate. However, I couldn't coerce it into working easily because data types in this crate have lifetimes and always hold references. e.g.
&'a [u8]. There's no option to obtain an owned version of the data structures. And since Rust doesn't allow you to have self-referential data structures [easily], I couldn't get this crate to work given some of my constraints that need'static/ owned lifetimes.Are the maintainers of this crate receptive to the idea of mass changing all references in structs to
Cow<'a, X>and implementingToOwnedso all data types can be owned, cloned, and not subjected to lifetime constraints? If you are, perhaps I'll find time to do the work so I can delete the one-off x509 crate (https://crates.io/crates/x509-certificate) I begrudgingly created.[1] This was accidental because when I was following the rabbit hole of recursively defining ASN.1 types for RFC 5652, I didn't realize I was reinventing x509 certificate parsing because this was the first time I was exposed to the internals of x509 certificates. Only after I had implemented a full RFC 5652 ASN.1 decoder did I realize many of the types were foundational and general crypto primitives. Oops!