formats icon indicating copy to clipboard operation
formats copied to clipboard
verified publisher icon RustCrypto

CertificateBuilder running example

Open Adrien-Bodineau opened this issue 1 year ago • 1 comments

The provided example

https://docs.rs/x509-cert/latest/x509_cert/builder/struct.CertificateBuilder.html

is not really helpful as it does not compile due to lack of public key and signers, and the documentation as a whole is quite lacking clearness. It is quite hard to use the crate without being an "expert".

It is possible to have a fully functioning example ?

Adrien-Bodineau avatar Oct 21 '24 10:10 Adrien-Bodineau

It's a working doctested example. I think perhaps the real problem you're referring to is the rsa_signer() function being hidden?

tarcieri avatar Oct 31 '24 16:10 tarcieri

I also am having a hard time finding working document for a signer. Examples on what methods actually implement the many traits would be appreciated.

This code does not function, as this doesn't implement rsa::pkcs8::AssociatedOid

fn make_cert(
    signing_key: &RsaPrivateKey,
    public_key: &RsaPublicKey,
) -> Result<Certificate, Box<dyn std::error::Error>> {
   /* snip */

    let signing_key =
        p256::SecretKey::from_pkcs8_der(&signing_key.to_pkcs8_der().unwrap().to_bytes().to_vec())
            .unwrap();
    let signing_key = ecdsa::SigningKey::<p256::NistP256>::from(&signing_key);
    let public_key = SubjectPublicKeyInfo::from_key(public_key.clone())?;

    // Build certificate
    let cert = CertificateBuilder::new(
        Profile::Root,
        SerialNumber::new(&[1])?,
        validity,
        name,
        public_key,
        &signing_key,
    )?;

    let tbs_cert = cert.build()?;

    Ok(tbs_cert)
}

same with

let signing_key = SigningKey::<Sha256>::new(signing_key.clone());

What does implement these traits?

jkcoxson avatar Apr 29 '25 16:04 jkcoxson