mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-19 13:41:10 +02:00
99c74f5c80
* Base Binary Cert and CSR Parse functions. * Add otherSANS parsing. * Notate what doesn't exist on a CSR. * Fix otherSans call err-checking and add basic-constriants to CSR * Move BasicConstraint parsing to be optionally set. * Refactored to use existing ParseBasicConstraintsExtension. * Add handling for the ChangeSubjectName ext on CSR that is needed for EST * Remove ChangeSubjectName - it's an attribute, not an extension, and there is no clean way to parse it, so pair down for now. * Make these public methods, so they can be used in vault. * Add unit tests for certutil.ParseCertificateToCreationParameters. Also add unit tests for certutil.ParseCertificateToFields. * Cleanup TestParseCertificate. * Add unit tests for certutil.ParseCsrToCreationParameters and ParseCsrToFields. * Fix return values for "add_basic_constraints" in certutil.ParseCsrToFields. Add a test for parsing CSRs where "add_basic_constraints" is false. * Clear up some todos. * Add a test for certutil.ParseCertificateToCreationParameters for non-CA cert. * Tweak TestParseCertificate/full_non_CA_cert. * Basics of three remaining fields - keyUsage; extKeyUsage; PolicyIdentifiers * Fix tests and err handling * Add unit tests for policy_identifiers; ext_key_usage_oids; key_usage * Add test on ext_key_usage_oids * Remove duplicate usages elsewhere. * Add error handling to csr-checks. * Remove extranames on returned types. * Remove useless function. --------- Co-authored-by: Victor Rodriguez <vrizo@hashicorp.com>