Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add API to export public key #87

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add API to export public key #87

wants to merge 1 commit into from

Conversation

shahn
Copy link
Contributor

@shahn shahn commented Jan 13, 2019

This is a PR just to show what an API giving access to a certificate's public key could look like, as input for #85. It also depends on #86 getting merged for the test case, but I would be open to rebase this if #86 is unacceptable for any reason, of course.

Thanks!

briansmith
briansmith reviewed Jan 16, 2019
View reviewed changes
src/signed_data.rs Outdated Show resolved Hide resolved
briansmith
briansmith requested changes Jan 16, 2019
View reviewed changes
Copy link
Owner

@briansmith briansmith left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks reasonable to me. Thanks!

@shahn
Copy link
Contributor Author

shahn commented Jan 17, 2019

Will probably take me until the weekend to address these (will also wait for #86 to be settled)

@shahn
Copy link
Contributor Author

shahn commented Jan 19, 2019

Pushed a new version, I hope I understood the direction you want to go into. A maybe nicer alternative could be provided if the TrustAnchor::spki field could be split into the parsed fields (but that would be a breaking change), then we'd only parse the spki fields once when the Cert is created.

@shahn
Add function to export certificate's public key
b487385 
I agree to license my contributions to each file under the terms given
at the top of each file I changed.
@hahseba
Copy link

hahseba commented Jan 26, 2019

Respectful ping, is there anything left unadressed here? Sorry, I am not well versed in how to resolve the requested changes correctly in github. I will gladly make any change still deemed necessary.

Thanks!

@briansmith
Copy link
Owner

@shahn Are you still interested in this? If so, please reply to #87 (comment) so we can figure out a path forward.

@hahseba
Copy link

hahseba commented Mar 23, 2019

Yes, I am still very interested in this, just pretty overloaded with work Tasks atm and the question is a bit tricky. I hope to get to it soon.

@FlorianUekermann FlorianUekermann mentioned this pull request Jul 2, 2020
Open
Base automatically changed from master to main January 14, 2021 01:31
@briansmith
Copy link
Owner

Note: I renamed the "master" branch to "main". Sorry for the inconvenience. This PR has had its base branch updated to "main" but you'll need to deal with the change in your local repo yourself.

@shahn
Copy link
Contributor Author

shahn commented Feb 28, 2024

I wanted to pick this back up, but there's one catch with the idea of pre-parsing the SPKI. It would be a change of public API of TrustAnchor to store the SPKI in that format, and those who manually construct a TrustAnchor just from serialized bytes would be affected. Should the public API be preserved, or should it be adapted? One more question would be how to easily serialize it in a build script, for example. To me it seems that the philosophy is very much of parsing/validating most parts as late as possible, which clashes with the ideas around SPKI handling.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@briansmith briansmith briansmith requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@shahn @hahseba @briansmith