1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
Description: avoid test-only older-than-in-Debian crate rcgen
Author: Jonas Smedegaard <dr@jones.dk>
Forwarded: not-needed
Last-Update: 2023-08-20
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -75,7 +75,6 @@
base64 = ">= 0.21, <= 0.22"
bencher = "0.1.5"
once_cell = "1.17.2"
-rcgen = { version = "0.11.3", default-features = false }
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
--- a/src/end_entity.rs
+++ b/src/end_entity.rs
@@ -258,7 +258,7 @@
}
}
-#[cfg(feature = "alloc")]
+#[cfg(feature = "rcgen")]
#[cfg(test)]
mod tests {
use super::*;
--- a/src/test_utils.rs
+++ b/src/test_utils.rs
@@ -1,10 +1,10 @@
/// Signature algorithm used by certificates generated using `make_issuer` and
/// `make_end_entity`. This is exported as a constant so that tests can use the
/// same algorithm when generating certificates using `rcgen`.
-#[cfg(feature = "alloc")]
+#[cfg(feature = "rcgen")]
pub(crate) static RCGEN_SIGNATURE_ALG: &rcgen::SignatureAlgorithm = &rcgen::PKCS_ECDSA_P256_SHA256;
-#[cfg(feature = "alloc")]
+#[cfg(feature = "rcgen")]
pub(crate) fn make_issuer(
org_name: impl Into<String>,
name_constraints: Option<rcgen::NameConstraints>,
@@ -24,7 +24,7 @@
rcgen::Certificate::from_params(ca_params).unwrap()
}
-#[cfg(feature = "alloc")]
+#[cfg(feature = "rcgen")]
pub(crate) fn make_end_entity(issuer: &rcgen::Certificate) -> Vec<u8> {
let mut ee_params = rcgen::CertificateParams::new(vec!["example.com".to_string()]);
ee_params.is_ca = rcgen::IsCa::ExplicitNoCa;
--- a/src/verify_cert.rs
+++ b/src/verify_cert.rs
@@ -608,7 +608,7 @@
mod tests {
use super::*;
- #[cfg(feature = "alloc")]
+ #[cfg(feature = "rcgen")]
use crate::test_utils::{make_end_entity, make_issuer};
#[test]
@@ -623,7 +623,7 @@
No,
}
- #[cfg(feature = "alloc")]
+ #[cfg(feature = "rcgen")]
fn build_degenerate_chain(
intermediate_count: usize,
trust_anchor_is_actual_issuer: TrustAnchorIsActualIssuer,
@@ -655,7 +655,7 @@
}
#[test]
- #[cfg(feature = "alloc")]
+ #[cfg(feature = "rcgen")]
fn test_too_many_signatures() {
assert!(matches!(
build_degenerate_chain(5, TrustAnchorIsActualIssuer::Yes, None),
@@ -664,7 +664,7 @@
}
#[test]
- #[cfg(feature = "alloc")]
+ #[cfg(feature = "rcgen")]
fn test_too_many_path_calls() {
assert!(matches!(
build_degenerate_chain(
@@ -682,7 +682,7 @@
));
}
- #[cfg(feature = "alloc")]
+ #[cfg(feature = "rcgen")]
fn build_linear_chain(chain_length: usize) -> Result<(), ControlFlow<Error, Error>> {
let ca_cert = make_issuer(format!("Bogus Subject {chain_length}"), None);
let ca_cert_der = ca_cert.serialize_der().unwrap();
@@ -705,7 +705,7 @@
}
#[test]
- #[cfg(feature = "alloc")]
+ #[cfg(feature = "rcgen")]
fn longest_allowed_path() {
assert!(build_linear_chain(1).is_ok());
assert!(build_linear_chain(2).is_ok());
@@ -716,7 +716,7 @@
}
#[test]
- #[cfg(feature = "alloc")]
+ #[cfg(feature = "rcgen")]
fn path_too_long() {
assert!(matches!(
build_linear_chain(7),
@@ -725,7 +725,7 @@
}
#[test]
- #[cfg(feature = "alloc")]
+ #[cfg(feature = "rcgen")]
fn name_constraint_budget() {
// Issue a trust anchor that imposes name constraints. The constraint should match
// the end entity certificate SAN.
|
