fix: move new c509 from cat-voice

rust/c509-certificate/.config/nextest.toml

@@ -1,3 +1,4 @@
+# cspell: words scrollability testcase
 [store]
 # The directory under the workspace root at which nextest-related files are
 # written. Profile-specific storage is currently written to dir/<profile-name>.

rust/c509-certificate/deny.toml

@@ -1,4 +1,7 @@
+# cspell: words msvc, wasip, RUSTSEC, rustls, libssh, reqwest, tinyvec, Leay, webpki
+
 [graph]
+# cargo-deny is really only ever intended to run on the "normal" tier-1 targets
 targets = [
     "x86_64-unknown-linux-gnu",
     "aarch64-unknown-linux-gnu",
@@ -22,11 +25,20 @@ ignore = [
 multiple-versions = "warn"
 wildcards = 'deny'
 deny = [
+    # { crate = "git2", use-instead = "gix" },
     { crate = "openssl", use-instead = "rustls" },
     { crate = "openssl-sys", use-instead = "rustls" },
     "libssh2-sys",
+    # { crate = "cmake", use-instead = "cc" },
+    # { crate = "windows", reason = "bloated and unnecessary", use-instead = "ideally inline bindings, practically, windows-sys" },
+]
+skip = [
+    # { crate = "[email protected]", reason = "https://github.com/seanmonstar/reqwest/pull/2130 should be in the next version" },
+    # { crate = "[email protected]", reason = "gix 0.59 was yanked, see https://github.com/Byron/gitoxide/issues/1309" },
+    # { crate = "[email protected]", reason = "strum_macros uses this old version" },
+    # { crate = "[email protected]", reason = "gix-transport pulls in this old version, as well as a newer version via reqwest" },
+    # { crate = "[email protected]", reason = "gix-transport pulls in this old version, as well as a newer version via reqwest" },
 ]
-skip = []
 skip-tree = [
     { crate = "[email protected]", reason = "a foundational crate for many that bumps far too frequently to ever have a shared version" },
 ]
@@ -45,7 +57,9 @@ allow-git = [
 
 [licenses]
 version = 2
-unused-allowed-license = "allow"
+# Don't warn if a listed license isn't found
+unused-allowed-license="allow"
+# We want really high confidence when inferring licenses from text
 confidence-threshold = 0.93
 allow = [
     "MIT",
@@ -60,7 +74,11 @@ allow = [
     "Unicode-3.0",
     "MPL-2.0",
 ]
-exceptions = []
+exceptions = [
+    #{ allow = ["Zlib"], crate = "tinyvec" },
+    #{ allow = ["Unicode-DFS-2016"], crate = "unicode-ident" },
+    #{ allow = ["OpenSSL"], crate = "ring" },
+]
 
 [[licenses.clarify]]
 crate = "byte-array-literals"
@@ -76,3 +94,24 @@ license-files = [{ path = "../LICENSE-MIT", hash = 0x001c7e6c }]
 crate = "ring"
 expression = "MIT"
 license-files = [{ path = "LICENSE", hash = 0xbd0eed23 }]
+
+# SPDX considers OpenSSL to encompass both the OpenSSL and SSLeay licenses
+# https://spdx.org/licenses/OpenSSL.html
+# ISC - Both BoringSSL and ring use this for their new files
+# MIT - "Files in third_party/ have their own licenses, as described therein. The MIT
+# license, for third_party/fiat, which, unlike other third_party directories, is
+# compiled into non-test libraries, is included below."
+# OpenSSL - Obviously
+#expression = "ISC AND MIT AND OpenSSL"
+#license-files = [{ path = "LICENSE", hash = 0xbd0eed23 }]
+
+#[[licenses.clarify]]
+#crate = "webpki"
+#expression = "ISC"
+#license-files = [{ path = "LICENSE", hash = 0x001c7e6c }]
+
+# Actually "ISC-style"
+#[[licenses.clarify]]
+#crate = "rustls-webpki"
+#expression = "ISC"
+#license-files = [{ path = "LICENSE", hash = 0x001c7e6c }]

rust/c509-certificate/examples/cli/main.rs

@@ -8,14 +8,14 @@ use std::{
 
 use asn1_rs::{oid, Oid};
 use c509_certificate::{
-    c509_big_uint::UnwrappedBigUint,
-    c509_extensions::Extensions,
-    c509_issuer_sig_algo::IssuerSignatureAlgorithm,
-    c509_name::{rdn::RelativeDistinguishedName, Name, NameValue},
-    c509_subject_pub_key_algo::SubjectPubKeyAlgorithm,
-    c509_time::Time,
+    big_uint::UnwrappedBigUint,
+    extensions::Extensions,
+    issuer_sig_algo::IssuerSignatureAlgorithm,
+    name::{rdn::RelativeDistinguishedName, Name, NameValue},
     signing::{PrivateKey, PublicKey},
+    subject_pub_key_algo::SubjectPubKeyAlgorithm,
     tbs_cert::TbsCert,
+    time::Time,
 };
 use chrono::{DateTime, Utc};
 use clap::Parser;

rust/c509-certificate/src/c509_algo_identifier.rs → rust/c509-certificate/src/algorithm_identifier.rs

@@ -17,7 +17,7 @@ use asn1_rs::Oid;
 use minicbor::{encode::Write, Decode, Decoder, Encode, Encoder};
 use serde::{Deserialize, Serialize};
 
-use crate::c509_oid::C509oid;
+use crate::oid::C509oid;
 
 /// A struct represents the `AlgorithmIdentifier` type.
 #[derive(Debug, Clone, PartialEq, Deserialize, Serialize)]

rust/c509-certificate/src/c509_attributes/attribute.rs → rust/c509-certificate/src/attributes/attribute.rs

@@ -16,7 +16,7 @@ use minicbor::{encode::Write, Decode, Decoder, Encode, Encoder};
 use serde::{Deserialize, Deserializer, Serialize};
 
 use super::data::{get_oid_from_int, ATTRIBUTES_LOOKUP};
-use crate::c509_oid::{C509oid, C509oidRegistered};
+use crate::oid::{C509oid, C509oidRegistered};
 
 /// A struct of C509 `Attribute`
 #[derive(Debug, Clone, PartialEq)]

rust/c509-certificate/src/c509_attributes/mod.rs → rust/c509-certificate/src/attributes/mod.rs

@@ -10,7 +10,7 @@
 //!     SubjectDirectoryAttributes = [+Attributes]
 //! ```
 //!
-//! For more information about `Attributes`,
+//! For more information about `Atributes`,
 //! visit [C509 Certificate](https://datatracker.ietf.org/doc/draft-ietf-cose-cbor-encoded-cert/09/)
 
 use attribute::Attribute;

rust/c509-certificate/src/c509_big_uint.rs → rust/c509-certificate/src/big_uint.rs

@@ -9,6 +9,7 @@ use minicbor::{encode::Write, Decode, Decoder, Encode, Encoder};
 use serde::{Deserialize, Serialize};
 
 /// A struct representing an unwrapped CBOR unsigned bignum.
+#[allow(clippy::module_name_repetitions)]
 #[derive(Debug, Clone, PartialEq, Deserialize, Serialize)]
 pub struct UnwrappedBigUint(u64);
 

rust/c509-certificate/src/c509.rs

@@ -5,7 +5,7 @@ use serde::{Deserialize, Serialize};
 
 use crate::tbs_cert::TbsCert;
 
-#[derive(Deserialize, Serialize)]
+#[derive(Debug, Clone, PartialEq, Deserialize, Serialize)]
 /// A struct represents the `C509` Certificate.
 pub struct C509 {
     /// A TBS Certificate.

rust/c509-certificate/src/c509_extensions/alt_name.rs → rust/c509-certificate/src/extensions/alt_name.rs

@@ -4,7 +4,7 @@
 use minicbor::{encode::Write, Decode, Decoder, Encode, Encoder};
 use serde::{Deserialize, Serialize};
 
-use crate::c509_general_names::{
+use crate::general_names::{
     general_name::{GeneralName, GeneralNameTypeRegistry, GeneralNameValue},
     GeneralNames,
 };
@@ -20,6 +20,12 @@ impl AlternativeName {
     pub fn new(value: GeneralNamesOrText) -> Self {
         Self(value)
     }
+
+    /// Get the inner of Alternative Name.
+    #[must_use]
+    pub fn get_inner(&self) -> &GeneralNamesOrText {
+        &self.0
+    }
 }
 
 impl Encode<()> for AlternativeName {
@@ -55,11 +61,11 @@ impl Encode<()> for GeneralNamesOrText {
         match self {
             GeneralNamesOrText::GeneralNames(gns) => {
                 let gn = gns
-                    .get_gns()
+                    .get_inner()
                     .first()
                     .ok_or(minicbor::encode::Error::message("GeneralNames is empty"))?;
                 // Check whether there is only 1 item in the array which is a DNSName
-                if gns.get_gns().len() == 1 && gn.get_gn_type().is_dns_name() {
+                if gns.get_inner().len() == 1 && gn.get_gn_type().is_dns_name() {
                     gn.get_gn_value().encode(e, ctx)?;
                 } else {
                     gns.encode(e, ctx)?;
@@ -105,7 +111,7 @@ impl Decode<'_, ()> for GeneralNamesOrText {
 #[cfg(test)]
 mod test_alt_name {
     use super::*;
-    use crate::c509_general_names::general_name::{
+    use crate::general_names::general_name::{
         GeneralName, GeneralNameTypeRegistry, GeneralNameValue,
     };
 

rust/c509-certificate/src/c509_extensions/extension/mod.rs → rust/c509-certificate/src/extensions/extension/mod.rs

@@ -10,7 +10,7 @@ use serde::{Deserialize, Deserializer, Serialize};
 use strum_macros::EnumDiscriminants;
 
 use super::alt_name::AlternativeName;
-use crate::c509_oid::{C509oid, C509oidRegistered};
+use crate::oid::{C509oid, C509oidRegistered};
 
 /// A struct of C509 `Extension`
 #[derive(Debug, Clone, PartialEq)]

rust/c509-certificate/src/c509_extensions/mod.rs → rust/c509-certificate/src/extensions/mod.rs

@@ -51,6 +51,12 @@ impl Extensions {
     pub fn add_ext(&mut self, extension: Extension) {
         self.0.push(extension);
     }
+
+    /// Get the inner vector of `Extensions`.
+    #[must_use]
+    pub fn get_inner(&self) -> &Vec<Extension> {
+        &self.0
+    }
 }
 
 impl Encode<()> for Extensions {

rust/c509-certificate/src/c509_general_names/general_name.rs → rust/c509-certificate/src/general_names/general_name.rs

@@ -13,7 +13,7 @@ use super::{
     data::{get_gn_from_int, get_gn_value_type_from_int, get_int_from_gn},
     other_name_hw_module::OtherNameHardwareModuleName,
 };
-use crate::{c509_name::Name, c509_oid::C509oid};
+use crate::{name::Name, oid::C509oid};
 
 /// A struct represents a `GeneralName`.
 /// ```cddl
@@ -173,7 +173,8 @@ impl Encode<()> for GeneralNameValue {
     }
 }
 impl<C> Decode<'_, C> for GeneralNameValue
-where C: GeneralNameValueTrait + Debug
+where
+    C: GeneralNameValueTrait + Debug,
 {
     fn decode(d: &mut Decoder<'_>, ctx: &mut C) -> Result<Self, minicbor::decode::Error> {
         match ctx.get_type() {
@@ -197,11 +198,9 @@ where C: GeneralNameValueTrait + Debug
                 let value = Name::decode(d, &mut ())?;
                 Ok(GeneralNameValue::Name(value))
             },
-            GeneralNameValueType::Unsupported => {
-                Err(minicbor::decode::Error::message(
-                    "Cannot decode Unsupported GeneralName value",
-                ))
-            },
+            GeneralNameValueType::Unsupported => Err(minicbor::decode::Error::message(
+                "Cannot decode Unsupported GeneralName value",
+            )),
         }
     }
 }
@@ -242,9 +241,10 @@ mod test_general_name {
         let mut buffer = Vec::new();
         let mut encoder = Encoder::new(&mut buffer);
 
-        let hw = OtherNameHardwareModuleName::new(oid!(2.16.840 .1 .101 .3 .4 .2 .1), vec![
-            0x01, 0x02, 0x03, 0x04,
-        ]);
+        let hw = OtherNameHardwareModuleName::new(
+            oid!(2.16.840 .1 .101 .3 .4 .2 .1),
+            vec![0x01, 0x02, 0x03, 0x04],
+        );
         let gn = GeneralName::new(
             GeneralNameTypeRegistry::OtherNameHardwareModuleName,
             GeneralNameValue::OtherNameHWModuleName(hw),

rust/c509-certificate/src/c509_general_names/mod.rs → rust/c509-certificate/src/general_names/mod.rs

@@ -36,8 +36,9 @@ impl GeneralNames {
         self.0.push(gn);
     }
 
-    /// Get the a vector of `GeneralName`.
-    pub(crate) fn get_gns(&self) -> &Vec<GeneralName> {
+    /// Get the inner of `GeneralName`.
+    #[must_use]
+    pub fn get_inner(&self) -> &Vec<GeneralName> {
         &self.0
     }
 }
@@ -85,7 +86,7 @@ mod test_general_names {
     use other_name_hw_module::OtherNameHardwareModuleName;
 
     use super::*;
-    use crate::c509_oid::C509oid;
+    use crate::oid::C509oid;
 
     #[test]
     fn encode_decode_gns() {

rust/c509-certificate/src/c509_general_names/other_name_hw_module.rs → rust/c509-certificate/src/general_names/other_name_hw_module.rs

@@ -7,7 +7,7 @@ use asn1_rs::Oid;
 use minicbor::{encode::Write, Decode, Decoder, Encode, Encoder};
 use serde::{Deserialize, Serialize};
 
-use crate::c509_oid::C509oid;
+use crate::oid::C509oid;
 
 /// A struct represents the hardwareModuleName type of otherName.
 /// Containing a pair of ( hwType, hwSerialNum ) as mentioned in

rust/c509-certificate/src/c509_issuer_sig_algo/mod.rs → rust/c509-certificate/src/issuer_sig_algo/mod.rs

@@ -14,7 +14,7 @@ use data::{get_oid_from_int, ISSUER_SIG_ALGO_LOOKUP};
 use minicbor::{encode::Write, Decode, Decoder, Encode, Encoder};
 use serde::{Deserialize, Deserializer, Serialize};
 
-use crate::{c509_algo_identifier::AlgorithmIdentifier, c509_oid::C509oidRegistered};
+use crate::{algorithm_identifier::AlgorithmIdentifier, oid::C509oidRegistered};
 
 /// A struct represents the `IssuerSignatureAlgorithm`
 #[derive(Debug, Clone, PartialEq)]

rust/c509-certificate/src/lib.rs

@@ -40,20 +40,20 @@ use c509::C509;
 use minicbor::{Decode, Encode};
 use signing::{PrivateKey, PublicKey};
 use tbs_cert::TbsCert;
+pub mod algorithm_identifier;
+pub mod attributes;
+pub mod big_uint;
 pub mod c509;
-pub mod c509_algo_identifier;
-pub mod c509_attributes;
-pub mod c509_big_uint;
-pub mod c509_extensions;
-pub mod c509_general_names;
-pub mod c509_issuer_sig_algo;
-pub mod c509_name;
-pub mod c509_oid;
-pub mod c509_subject_pub_key_algo;
-pub mod c509_time;
+pub mod extensions;
+pub mod general_names;
+pub mod issuer_sig_algo;
+pub mod name;
+pub mod oid;
 pub mod signing;
+pub mod subject_pub_key_algo;
 mod tables;
 pub mod tbs_cert;
+pub mod time;
 pub mod wasm_binding;
 
 /// Generate a signed or unsigned C509 certificate.

rust/c509-certificate/src/c509_name/mod.rs → rust/c509-certificate/src/name/mod.rs

@@ -23,7 +23,7 @@ use rdn::RelativeDistinguishedName;
 use regex::Regex;
 use serde::{Deserialize, Serialize};
 
-use crate::c509_attributes::attribute::{Attribute, AttributeValue};
+use crate::attributes::attribute::{Attribute, AttributeValue};
 
 /// OID of `CommonName` attribute.
 const COMMON_NAME_OID: Oid<'static> = oid!(2.5.4 .3);
@@ -73,6 +73,7 @@ impl Decode<'_, ()> for Name {
 // ------------------NameValue----------------------
 
 /// An enum of possible value types for `Name`.
+#[allow(clippy::module_name_repetitions)]
 #[derive(Debug, Clone, PartialEq, Deserialize, Serialize)]
 #[serde(rename_all = "snake_case")]
 pub enum NameValue {
@@ -283,7 +284,7 @@ fn create_rdn_with_cn_attr(text: String) -> NameValue {
 #[cfg(test)]
 pub(crate) mod test_name {
     use super::*;
-    use crate::c509_attributes::attribute::Attribute;
+    use crate::attributes::attribute::Attribute;
 
     // Test data from https://datatracker.ietf.org/doc/draft-ietf-cose-cbor-encoded-cert/09/
     // A.1.1.  Example C509 Certificate Encoding