x509 API upgrade to 0.8.0

Hannes Mehnert 2019-10-06 23:38:13 +02:00
parent 4787b0cf1f
commit a46538cabc
6 changed files with 12 additions and 7 deletions


@ -19,7 +19,7 @@ depends: [
"cmdliner" {>= "1.0.0"}
"fmt"
"astring"
"x509" {>= "0.7.0"}
"x509" {>= "0.8.0"}
"tls" {>= "0.9.0"}
"nocrypto"
"asn1-combinators" {>= "0.2.0"}


@ -52,7 +52,9 @@ let handle (host, port) cert key ca id (cmd : Vmm_commands.t) =
(singleton (Unsupported Vmm_asn.oid) (false, v)))))
in
let csr =
let name = Distinguished_name.(singleton CN name) in
let name =
[ Distinguished_name.(Relative_distinguished_name.singleton (CN name)) ]
in
let extensions = Signing_request.Ext.(singleton Extensions extensions) in
Signing_request.create name ~extensions (`RSA tmpkey)
in
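Review bot: The one-element subject `[ Distinguished_name.(Relative_distinguished_name.singleton (CN name)) ]` is written out by hand here and again in three other places in this commit (twice in `generate`, once in `csr`), so the subject encoding now depends on four copies staying identical. Because `sign` and `cert_name` read the common name back out of the subject, a drift between the builders would show up as a naming or lookup mismatch rather than a type error. A single helper would remove that risk, for example (the name is only a suggestion) `let cn_subject name = [ X509.Distinguished_name.(Relative_distinguished_name.singleton (CN name)) ]`, placed in a module all four files already depend on. The body of `handle` starts and ends outside this hunk.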


@ -39,7 +39,9 @@ let sign ?dbname ?certname extensions issuer key csr delta =
(match certname with
| Some x -> Ok x
| None ->
match X509.(Distinguished_name.find CN Signing_request.((info csr).subject)) with
match
X509.Distinguished_name.common_name X509.Signing_request.((info csr).subject)
with
| Some name -> Ok name
| None -> Error (`Msg "couldn't find name (no common name in CSR subject)")) >>= fun certname ->
timestamps delta >>= fun (valid_from, valid_until) ->
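Review bot: The string returned by `X509.Distinguished_name.common_name` is taken from the CSR subject, which the requester chooses, and it becomes `certname` with no check in the visible lines. The rest of `sign` is outside the hunk, so this is inferred, but if `certname` goes on to name an output file or database entry it should be constrained first. At minimum, use `| Some name when Fpath.is_seg name -> Ok name` and add a separate `Some _` arm that returns an error. Since a subject is now a list of relative distinguished names, it is also worth confirming which value `common_name` yields when a subject carries more than one CN, and documenting that choice in a comment above the match.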


@ -75,11 +75,11 @@ let help _ man_format cmds = function
let generate _ name db days sname sdays =
Nocrypto_entropy_unix.initialize () ;
priv_key ~bits:4096 None name >>= fun key ->
let name = Distinguished_name.(singleton CN name) in
let name = [ Distinguished_name.(Relative_distinguished_name.singleton (CN name)) ] in
let csr = Signing_request.create name key in
sign ~certname:"cacert" (d_exts ()) name key csr (Duration.of_day days) >>= fun () ->
priv_key None sname >>= fun skey ->
let sname = Distinguished_name.(singleton CN sname) in
let sname = [ Distinguished_name.(Relative_distinguished_name.singleton (CN sname)) ] in
let csr = Signing_request.create sname skey in
sign ~dbname:(Fpath.v db) s_exts name key csr (Duration.of_day sdays)


@ -11,7 +11,8 @@ let csr priv name cmd =
let ext =
let v = cert_extension_to_cstruct (version, cmd) in
X509.Extension.(singleton (Unsupported oid) (false, v))
and name = X509.Distinguished_name.(singleton CN name)
and name =
[ X509.Distinguished_name.(Relative_distinguished_name.singleton (CN name)) ]
in
let extensions = X509.Signing_request.Ext.(singleton Extensions ext) in
X509.Signing_request.create name ~extensions priv


@ -9,7 +9,7 @@ let cert_name cert =
match Extension.(find (Unsupported Vmm_asn.oid) (Certificate.extensions cert)) with
| None -> Ok None
| Some (_, data) ->
match Distinguished_name.(find CN (Certificate.subject cert)) with
match X509.(Distinguished_name.common_name (Certificate.subject cert)) with
| Some name -> Ok (Some name)
| None -> match Vmm_asn.cert_extension_of_cstruct data with
| Error (`Msg _) -> Error (`Msg "couldn't parse albatross extension")
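Review bot: The `X509.(...)` local open on the new match line looks redundant. The context line above uses `Extension` and `Certificate` unqualified, which suggests `X509` is already opened in this file. Writing `match Distinguished_name.common_name (Certificate.subject cert) with` would match the surrounding style and the form the line had before. The nested `match` under `| None ->` continues past the end of the hunk. It is unparenthesised, so a short comment stating that the extension data is parsed only when the subject has no CN would make the precedence between the two name sources explicit.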