Adding upstream version 1:7.0.3.upstream/1%7.0.3

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-19 17:39:49 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-19 17:39:49 +0000
commit: a0aa2307322cd47bbf416810ac0292925e03be87 (patch)
tree: 37076262a026c4b48c8a0e84f44ff9187556ca35 /rust/vendor/x509-parser/src/extensions/nameconstraints.rs
parent: Initial commit. (diff)
download: suricata-a0aa2307322cd47bbf416810ac0292925e03be87.tar.xz
suricata-a0aa2307322cd47bbf416810ac0292925e03be87.zip
1 files changed, 59 insertions, 0 deletions
diff --git a/rust/vendor/x509-parser/src/extensions/nameconstraints.rs b/rust/vendor/x509-parser/src/extensions/nameconstraints.rs
new file mode 100644
index 0000000..da9a999
--- /dev/null
+++ b/rust/vendor/x509-parser/src/extensions/nameconstraints.rs
@@ -0,0 +1,59 @@
+use super::GeneralName;
+use crate::error::{X509Error, X509Result};
+use crate::extensions::parse_generalname;
+use asn1_rs::FromDer;
+use der_parser::der::*;
+use der_parser::error::BerError;
+use nom::combinator::{all_consuming, complete, map, opt};
+use nom::multi::many1;
+use nom::{Err, IResult};
+
+#[derive(Clone, Debug, PartialEq)]
+pub struct NameConstraints<'a> {
+    pub permitted_subtrees: Option<Vec<GeneralSubtree<'a>>>,
+    pub excluded_subtrees: Option<Vec<GeneralSubtree<'a>>>,
+}
+
+impl<'a> FromDer<'a, X509Error> for NameConstraints<'a> {
+    fn from_der(i: &'a [u8]) -> X509Result<'a, Self> {
+        parse_nameconstraints(i).map_err(Err::convert)
+    }
+}
+
+#[derive(Clone, Debug, PartialEq)]
+/// Represents the structure used in the name constraints extensions.
+/// The fields minimum and maximum are not supported (openssl also has no support).
+pub struct GeneralSubtree<'a> {
+    pub base: GeneralName<'a>,
+    // minimum: u32,
+    // maximum: Option<u32>,
+}
+
+pub(crate) fn parse_nameconstraints(i: &[u8]) -> IResult<&[u8], NameConstraints, BerError> {
+    fn parse_subtree(i: &[u8]) -> IResult<&[u8], GeneralSubtree, BerError> {
+        parse_der_sequence_defined_g(|input, _| {
+            map(parse_generalname, |base| GeneralSubtree { base })(input)
+        })(i)
+    }
+    fn parse_subtrees(i: &[u8]) -> IResult<&[u8], Vec<GeneralSubtree>, BerError> {
+        all_consuming(many1(complete(parse_subtree)))(i)
+    }
+
+    let (ret, named_constraints) = parse_der_sequence_defined_g(|input, _| {
+        let (rem, permitted_subtrees) =
+            opt(complete(parse_der_tagged_explicit_g(0, |input, _| {
+                parse_subtrees(input)
+            })))(input)?;
+        let (rem, excluded_subtrees) =
+            opt(complete(parse_der_tagged_explicit_g(1, |input, _| {
+                parse_subtrees(input)
+            })))(rem)?;
+        let named_constraints = NameConstraints {
+            permitted_subtrees,
+            excluded_subtrees,
+        };
+        Ok((rem, named_constraints))
+    })(i)?;
+
+    Ok((ret, named_constraints))
+}
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-19 17:39:49 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-19 17:39:49 +0000
commit	a0aa2307322cd47bbf416810ac0292925e03be87 (patch)
tree	37076262a026c4b48c8a0e84f44ff9187556ca35 /rust/vendor/x509-parser/src/extensions/nameconstraints.rs
parent	Initial commit. (diff)
download	suricata-a0aa2307322cd47bbf416810ac0292925e03be87.tar.xz suricata-a0aa2307322cd47bbf416810ac0292925e03be87.zip