x509-cert: make (Tbs)CertificateInner fields private#1505
Merged
Conversation
tarcieri
commented
Sep 6, 2024
Member
Author
|
Note: this is just a first pass for |
tarcieri
commented
Sep 6, 2024
baloo
reviewed
Sep 6, 2024
tarcieri
force-pushed
the
x509-cert/private-certificate-fields
branch
from
4509da7 to
8c7db65
Compare
baloo
approved these changes
Sep 7, 2024
This allows them to maintain invariants. Adds read-only accessor methods in place of public fields.
tarcieri
force-pushed
the
x509-cert/private-certificate-fields
branch
from
b3a92a7 to
379c28d
Compare
tarcieri
changed the title
tarcieri
changed the title
CertificateInner fields private
Member
Author
|
There are definitely more types that should be given this treatment, but this seems like a reasonable first pass |
lukevalenta
added a commit
to cloudflare/azul
that referenced
this pull request
Apr 15, 2026
Upgrades all RustCrypto crates to their latest RC versions to unblock ml-dsa 0.1.0-rc.8, which fixes a WASM stack overflow with ML-DSA signatures in Cloudflare Workers. Workspace dependency changes: - der 0.7.10 (patched fork) → 0.8.0 (Tag::RelativeOid now native) - const-oid 0.9.6 → 0.10 - spki 0.7 → 0.8 - pkcs8 (new) 0.11.0-rc.11 - signature 2.2.0 → 3.0.0-rc.10 - sha1 0.10 → 0.11 - sha2 0.10 → 0.11 - digest (new) 0.11 - rand 0.8.5 → 0.10.0 - rand_core 0.6.4 → 0.10.0 - getrandom 0.2 → 0.4 - ed25519-dalek 2.1.1 → 3.0.0-pre.6 - p256 0.13 → 0.14.0-rc.8 - p384 0.13 → 0.14.0-rc.8 - p521 0.13 → 0.14.0-rc.8 - rsa 0.9 → 0.10.0-rc.17 - x509-cert 0.2.5 → 0.3.0-rc.4 - crypto-common (new) 0.2 Add OwnedTbsCertificate and OwnedCertificate to x509_util: - Freely mutable owned representations of the x509-cert types whose fields were made private in x509-cert 0.3 (RustCrypto/formats#1505) - DER encoding/decoding via #[derive(Sequence)] with #[asn1(...)] attributes, matching the pattern used by TbsCertificateLogEntry in bootstrap_mtc_api and the original x509-cert 0.2 structs - Used in static_ct_api (rfc6962.rs) and bootstrap_mtc_api wherever certificate fields need to be mutated before re-encoding Adapt to x509-cert 0.3 API changes (private fields → accessor methods, Validity::new, RelativeDistinguishedName::try_from, etc.) throughout bootstrap_mtc_api, bootstrap_mtc_worker, ct_worker, sct_validator, static_ct_api, and integration_tests. Adapt to rand 0.10 API changes (OsRng→SysRng, thread_rng()→rng(), gen_range→random_range, RngExt, TryRng/TryCryptoRng in doc examples). Adapt is_link_valid in x509_util to the upgraded crates: - verify_rsa bound: sha2::digest::Digest + rsa::pkcs8::AssociatedOid → digest::Digest + const_oid::AssociatedOid (rsa 0.10-rc API) - verify_p521: p521 0.14 makes VerifyingKey a type alias for ecdsa::VerifyingKey<NistP521>, so it now uses the same TryFrom<SubjectPublicKeyInfoRef>/DerSignature pattern as p256/p384
lukevalenta
added a commit
to cloudflare/azul
that referenced
this pull request
Apr 16, 2026
Upgrades all RustCrypto crates to their latest RC versions to unblock ml-dsa 0.1.0-rc.8, which fixes a WASM stack overflow with ML-DSA signatures in Cloudflare Workers. Workspace dependency changes: - der 0.7.10 (patched fork) → 0.8.0 (Tag::RelativeOid now native) - const-oid 0.9.6 → 0.10 - spki 0.7 → 0.8 - pkcs8 (new) 0.11.0-rc.11 - signature 2.2.0 → 3.0.0-rc.10 - sha1 0.10 → 0.11 - sha2 0.10 → 0.11 - digest (new) 0.11 - rand 0.8.5 → 0.10.0 - rand_core 0.6.4 → 0.10.0 - getrandom 0.2 → 0.4 - ed25519-dalek 2.1.1 → 3.0.0-pre.6 - p256 0.13 → 0.14.0-rc.8 - p384 0.13 → 0.14.0-rc.8 - p521 0.13 → 0.14.0-rc.8 - rsa 0.9 → 0.10.0-rc.17 - x509-cert 0.2.5 → 0.3.0-rc.4 - crypto-common (new) 0.2 Add OwnedTbsCertificate and OwnedCertificate to x509_util: - Freely mutable owned representations of the x509-cert types whose fields were made private in x509-cert 0.3 (RustCrypto/formats#1505) - DER encoding/decoding via #[derive(Sequence)] with #[asn1(...)] attributes, matching the pattern used by TbsCertificateLogEntry in bootstrap_mtc_api and the original x509-cert 0.2 structs - Used in static_ct_api (rfc6962.rs) and bootstrap_mtc_api wherever certificate fields need to be mutated before re-encoding Adapt to x509-cert 0.3 API changes (private fields → accessor methods, Validity::new, RelativeDistinguishedName::try_from, etc.) throughout bootstrap_mtc_api, bootstrap_mtc_worker, ct_worker, sct_validator, static_ct_api, and integration_tests. Adapt to rand 0.10 API changes (OsRng→SysRng, thread_rng()→rng(), gen_range→random_range, RngExt, TryRng/TryCryptoRng in doc examples). Adapt is_link_valid in x509_util to the upgraded crates: - verify_rsa bound: sha2::digest::Digest + rsa::pkcs8::AssociatedOid → digest::Digest + const_oid::AssociatedOid (rsa 0.10-rc API) - verify_p521: p521 0.14 makes VerifyingKey a type alias for ecdsa::VerifyingKey<NistP521>, so it now uses the same TryFrom<SubjectPublicKeyInfoRef>/DerSignature pattern as p256/p384
lukevalenta
added a commit
to cloudflare/azul
that referenced
this pull request
Apr 16, 2026
Upgrades all RustCrypto crates to their latest RC versions to unblock ml-dsa 0.1.0-rc.8, which fixes a WASM stack overflow with ML-DSA signatures in Cloudflare Workers. Workspace dependency changes: - der 0.7.10 (patched fork) → 0.8.0 (Tag::RelativeOid now native) - const-oid 0.9.6 → 0.10 - spki 0.7 → 0.8 - pkcs8 (new) 0.11.0-rc.11 - signature 2.2.0 → 3.0.0-rc.10 - sha1 0.10 → 0.11 - sha2 0.10 → 0.11 - digest (new) 0.11 - rand 0.8.5 → 0.10.0 - rand_core 0.6.4 → 0.10.0 - getrandom 0.2 → 0.4 - ed25519-dalek 2.1.1 → 3.0.0-pre.6 - p256 0.13 → 0.14.0-rc.8 - p384 0.13 → 0.14.0-rc.8 - p521 0.13 → 0.14.0-rc.8 - rsa 0.9 → 0.10.0-rc.17 - x509-cert 0.2.5 → 0.3.0-rc.4 - crypto-common (new) 0.2 Add OwnedTbsCertificate and OwnedCertificate to x509_util: - Freely mutable owned representations of the x509-cert types whose fields were made private in x509-cert 0.3 (RustCrypto/formats#1505) - DER encoding/decoding via #[derive(Sequence)] with #[asn1(...)] attributes, matching the pattern used by TbsCertificateLogEntry in bootstrap_mtc_api and the original x509-cert 0.2 structs - Used in static_ct_api (rfc6962.rs) and bootstrap_mtc_api wherever certificate fields need to be mutated before re-encoding Adapt to x509-cert 0.3 API changes (private fields → accessor methods, Validity::new, RelativeDistinguishedName::try_from, etc.) throughout bootstrap_mtc_api, bootstrap_mtc_worker, ct_worker, sct_validator, static_ct_api, and integration_tests. Adapt to rand 0.10 API changes (OsRng→SysRng, thread_rng()→rng(), gen_range→random_range, RngExt, TryRng/TryCryptoRng in doc examples). Adapt is_link_valid in x509_util to the upgraded crates: - verify_rsa bound: sha2::digest::Digest + rsa::pkcs8::AssociatedOid → digest::Digest + const_oid::AssociatedOid (rsa 0.10-rc API) - verify_p521: p521 0.14 makes VerifyingKey a type alias for ecdsa::VerifyingKey<NistP521>, so it now uses the same TryFrom<SubjectPublicKeyInfoRef>/DerSignature pattern as p256/p384
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This allows them to maintain invariants.
Adds read-only accessor methods in place of public fields.
Closes #1486.