Use dedicated CustomExtension type

Author: jean-airoldie

src/extensions/mod.rs

@@ -175,7 +175,7 @@ impl<'a> DerParser<'a> for X509Extension<'a> {
         let (rem, (_, value)) = <&[u8]>::parse_der_as_input(rem)
             .map_err(|_| Err::Error(X509Error::InvalidExtensions))?;
 
-        let (_, parsed_extension) = parser::parse_extension(value.clone(), &oid)?;
+        let parsed_extension = parser::parse_extension(value.clone(), &oid, critical);
         let ext = X509Extension {
             oid,
             critical,
@@ -226,10 +226,11 @@ impl<'i> Parser<Input<'i>> for X509ExtensionParser {
             let (rem, (_, value)) = <&[u8]>::parse_der_as_input(rem)
                 .map_err(|_| Err::Error(X509Error::InvalidExtensions))?;
 
-            let (_, parsed_extension) = if self.deep_parse_extensions {
-                parser::parse_extension(value.clone(), &oid)?
+            let parsed_extension = if self.deep_parse_extensions {
+                parser::parse_extension(value.clone(), &oid, critical)
             } else {
-                (rem.take(rem.input_len()), ParsedExtension::Unparsed)
+                rem.take(rem.input_len());
+                ParsedExtension::Unparsed
             };
 
             let ext = X509Extension {
@@ -258,15 +259,21 @@ impl<'i> Parser<Input<'i>> for X509ExtensionParser {
     }
 }
 
+/// A unsupported extension.
+#[derive(Debug, Clone, Eq, PartialEq)]
+pub struct UnsupportedExtension<'a> {
+    /// The Object ID of the extension.
+    pub oid: Oid<'a>,
+    /// The unparsed value.
+    pub value: &'a [u8],
+    /// Whether the extension is critical.
+    pub critical: bool,
+}
+
 #[derive(Clone, Debug, PartialEq)]
 pub enum ParsedExtension<'a> {
     /// Crate parser does not support this extension (yet)
-    UnsupportedExtension {
-        /// The Object ID of the extension.
-        oid: Oid<'a>,
-        /// The unparsed value.
-        value: &'a [u8],
-    },
+    UnsupportedExtension(UnsupportedExtension<'a>),
     ParseError {
         error: Err<X509Error>,
     },
@@ -425,31 +432,27 @@ pub(crate) mod parser {
 
     // look into the parser map if the extension is known, and parse it
     // otherwise, leave it as UnsupportedExtension
-    fn parse_extension0<'i>(
-        input: Input<'i>,
-        oid: &Oid,
-    ) -> IResult<Input<'i>, ParsedExtension<'i>, X509Error> {
+    fn parse_extension0<'i>(input: Input<'i>, oid: &Oid, critical: bool) -> ParsedExtension<'i> {
         if let Some(parser) = EXTENSION_PARSERS.get(oid) {
             match parser(input.clone()) {
-                Ok((rem, ext)) => Ok((rem, ext)),
-                Err(error) => Ok((input, ParsedExtension::ParseError { error })),
+                Ok((_, ext)) => ext,
+                Err(error) => ParsedExtension::ParseError { error },
             }
         } else {
-            Ok((
-                input,
-                ParsedExtension::UnsupportedExtension {
-                    oid: oid.to_owned(),
-                    value: i,
-                },
-            ))
+            ParsedExtension::UnsupportedExtension(UnsupportedExtension {
+                oid: oid.to_owned(),
+                value: input.as_bytes2(),
+                critical,
+            })
         }
     }
 
     pub(crate) fn parse_extension<'i>(
         input: Input<'i>,
         oid: &Oid,
-    ) -> IResult<Input<'i>, ParsedExtension<'i>, X509Error> {
-        parse_extension0(input, oid)
+        critical: bool,
+    ) -> ParsedExtension<'i> {
+        parse_extension0(input, oid, critical)
     }
 
     fn parse_basicconstraints_ext(input: Input) -> IResult<Input, ParsedExtension, X509Error> {

tests/readcsr.rs

@@ -149,22 +149,25 @@ fn read_csr_with_custom_extension() {
         .certification_request_info
         .find_attribute(&OID_PKCS9_EXTENSION_REQUEST)
         .expect("Custom extension not found in CSR");
-    match custom_attr.parsed_attribute() {
-        ParsedCriAttribute::ExtensionRequest(req) => {
-            assert_eq!(req.extensions.len(), 1);
-            let extension = req.extensions.first().unwrap();
-            assert_eq!(extension.oid, OID_CUSTOM_EXTENSION);
-            assert_eq!(extension.critical, false);
-            assert_eq!(extension.value, VALUE_CUSTOM_EXTENSION);
+    for attr in custom_attr.parsed_attributes() {
+        match attr {
+            ParsedCriAttribute::ExtensionRequest(req) => {
+                assert_eq!(req.extensions.len(), 1);
+                let extension = req.extensions.first().unwrap();
+                assert_eq!(extension.oid, OID_CUSTOM_EXTENSION);
+                assert_eq!(extension.critical, false);
+                assert_eq!(extension.value.as_bytes2(), VALUE_CUSTOM_EXTENSION);
+            }
+            _ => unreachable!(),
         }
-        _ => unreachable!(),
     }
 
-    let extensions = csr.requested_extensions().unwrap();
+    let extensions = csr.requested_extensions();
     for extension in extensions {
-        if let ParsedExtension::UnsupportedExtension { oid, value } = extension {
-            assert_eq!(oid, &OID_CUSTOM_EXTENSION);
-            assert_eq!(value, &VALUE_CUSTOM_EXTENSION);
+        if let ParsedExtension::UnsupportedExtension(ext) = extension {
+            assert_eq!(ext.oid, OID_CUSTOM_EXTENSION);
+            assert_eq!(ext.value, VALUE_CUSTOM_EXTENSION);
+            assert_eq!(ext.critical, false);
         }
     }
 }