File: rcgen-0.13.patch

package info (click to toggle)
rust-parsec-tool 0.7.0-8
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 424 kB
  • sloc: sh: 275; makefile: 4
file content (74 lines) | stat: -rw-r--r-- 2,659 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
 
This patch is based on the upstream commit described below, adapted for use
in the Debian package by Peter Michael Green.

commit 561c4163030b6fbebdd489a9cf8d92a88b71d09a
Author: Tomás González <tomasagustin.gonzalezorlando@arm.com>
Date:   Thu May 30 13:15:04 2024 +0100

    Cargo.toml: Bump rcgen to 0.13.1
    
    The rcgen crate is currently being patched to cover for parsec-tool
    CSR generation with RSA PSS SHA-256/384.
    
     * Bump rcgen to the latest available version (0.13.1).
     * Update the patches until they get merged upstream in rcgen.
     * Allow clippy::multiple_crate_versions until dependency mismatches
       are solved by updating spiffe in the parsec client.
    
    Signed-off-by: Tomás González <tomasagustin.gonzalezorlando@arm.com>

Index: parsec-tool/Cargo.toml
===================================================================
--- parsec-tool.orig/Cargo.toml
+++ parsec-tool/Cargo.toml
@@ -66,7 +66,7 @@ version = "0.4.0"
 version = "0.10.0"
 
 [dependencies.rcgen]
-version = "0.9.2"
+version = "0.13.1"
 features = ["pem"]
 
 [dependencies.serde]
diff --git a/src/subcommands/create_csr.rs b/src/subcommands/create_csr.rs
index a25cac6cbf..c81a9fef2f 100644
--- a/src/subcommands/create_csr.rs
+++ b/src/subcommands/create_csr.rs
@@ -12,2 +12,3 @@ use parsec_client::core::interface::operations::psa_algorithm::{
+use rcgen::Error as RcgenError;
 use rcgen::{
-    Certificate, CertificateParams, DistinguishedName, DnType, KeyPair, RcgenError, RemoteKeyPair,
+    CertificateParams, DistinguishedName, DnType, KeyPair, RemoteKeyPair,
@@ -139,15 +140,13 @@ impl CreateCsr {
             );
         }
 
-        let mut params = CertificateParams::new(subject_alt_names);
-        params.alg = rcgen_algorithm;
-        params.key_pair = Some(remote_key_pair);
+        let mut params = CertificateParams::new(subject_alt_names)?;
         params.distinguished_name = dn;
 
-        let cert = Certificate::from_params(params)?;
-
-        let pem_string = cert.serialize_request_pem()?;
+        let cert = params.self_signed(&remote_key_pair)?;
+        let csr = cert.params().serialize_request(&remote_key_pair)?;
 
+        let pem_string = csr.pem()?;
         println!("{}", pem_string);
 
         Ok(())
diff --git a/tests/ci.sh b/tests/ci.sh
index e6862af93a..3d63540b70 100755
--- a/tests/ci.sh
+++ b/tests/ci.sh
@@ -74,7 +74,7 @@ if cargo fmt -h; then
 	cargo fmt --all -- --check
 fi
 if cargo clippy -h; then
-	cargo clippy --all-targets -- -D clippy::all -D clippy::cargo
+	cargo clippy --all-targets -- -D clippy::all -D clippy::cargo -A clippy::multiple_crate_versions
 fi
 
 #############