chore: checkpoint before Python removal

2026-03-26 22:33:59 +00:00
parent 683cec9307
commit e568ddf82a
29972 changed files with 11269302 additions and 2 deletions


@@ -0,0 +1,43 @@
#[cfg(unix)]
fn main() -> Result<(), Box<dyn std::error::Error>> {
use std::fmt::Write;
use std::fs;
use rcgen::{date_time_ymd, CertificateParams, DistinguishedName};
let mut params: CertificateParams = Default::default();
params.not_before = date_time_ymd(2021, 5, 19);
params.not_after = date_time_ymd(4096, 1, 1);
params.distinguished_name = DistinguishedName::new();
let pkey: openssl::pkey::PKey<_> = openssl::rsa::Rsa::generate(2048)?.try_into()?;
let key_pair_pem = String::from_utf8(pkey.private_key_to_pem_pkcs8()?)?;
let key_pair = rcgen::KeyPair::from_pem(&key_pair_pem)?;
let cert = params.self_signed(&key_pair)?;
let pem_serialized = cert.pem();
let pem = pem::parse(&pem_serialized)?;
let der_serialized = pem.contents();
let hash = ring::digest::digest(&ring::digest::SHA512, der_serialized);
let hash_hex = hash.as_ref().iter().fold(String::new(), |mut output, b| {
let _ = write!(output, "{b:02x}");
output
});
println!("sha-512 fingerprint: {hash_hex}");
println!("{pem_serialized}");
println!("{}", key_pair.serialize_pem());
std::fs::create_dir_all("certs/")?;
fs::write("certs/cert.pem", pem_serialized.as_bytes())?;
fs::write("certs/cert.der", der_serialized)?;
fs::write("certs/key.pem", key_pair.serialize_pem().as_bytes())?;
fs::write("certs/key.der", key_pair.serialize_der())?;
Ok(())
}
#[cfg(not(unix))]
fn main() -> Result<(), Box<dyn std::error::Error>> {
// Due to the support burden of running OpenSSL on Windows,
// we only support the OpenSSL backend on Unix-like systems.
// It should still work on Windows if you have OpenSSL installed.
unimplemented!("OpenSSL backend is not supported on Windows");
}
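Review bot: The private key files in the `#[cfg(unix)]` `main` are created with `fs::write("certs/key.pem", …)` and `fs::write("certs/key.der", …)`, so they get the default mode (0o666 masked by the umask, which usually leaves them readable by other local users), and the same key is also echoed to stdout by `println!("{}", key_pair.serialize_pem())`. Because this branch is Unix-only, the key files could instead be opened with `OpenOptions::new().write(true).create_new(true).mode(0o600)` via `std::os::unix::fs::OpenOptionsExt`, and the `println!` of the key dropped or put behind an explicit flag. The same `fs::write` of key material appears in the `@@ -0,0 +1,82 @@` section (to a caller-supplied path, silently overwriting whatever is there) and in `vendor/rcgen/examples/simple.rs`. Separately, `params.not_after = date_time_ymd(4096, 1, 1)` gives the RSA-2048 certificate an effectively unlimited lifetime; a comment such as `// demo only: do not reuse this key or validity window outside tests` would stop readers from copying it as-is.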


@@ -0,0 +1,66 @@
use rcgen::DnValue::PrintableString;
use rcgen::{
BasicConstraints, Certificate, CertificateParams, DnType, ExtendedKeyUsagePurpose, IsCa,
Issuer, KeyPair, KeyUsagePurpose,
};
use time::{Duration, OffsetDateTime};
/// Example demonstrating signing end-entity certificate with ca
fn main() {
let (ca, issuer) = new_ca();
let end_entity = new_end_entity(&issuer);
let end_entity_pem = end_entity.pem();
println!("directly signed end-entity certificate: {end_entity_pem}");
let ca_cert_pem = ca.pem();
println!("ca certificate: {ca_cert_pem}");
}
fn new_ca() -> (Certificate, Issuer<'static, KeyPair>) {
let mut params =
CertificateParams::new(Vec::default()).expect("empty subject alt name can't produce error");
let (yesterday, tomorrow) = validity_period();
params.is_ca = IsCa::Ca(BasicConstraints::Unconstrained);
params.distinguished_name.push(
DnType::CountryName,
PrintableString("BR".try_into().unwrap()),
);
params
.distinguished_name
.push(DnType::OrganizationName, "Crab widgits SE");
params.key_usages.push(KeyUsagePurpose::DigitalSignature);
params.key_usages.push(KeyUsagePurpose::KeyCertSign);
params.key_usages.push(KeyUsagePurpose::CrlSign);
params.not_before = yesterday;
params.not_after = tomorrow;
let key_pair = KeyPair::generate().unwrap();
let cert = params.self_signed(&key_pair).unwrap();
(cert, Issuer::new(params, key_pair))
}
fn new_end_entity(issuer: &Issuer<'static, KeyPair>) -> Certificate {
let name = "entity.other.host";
let mut params = CertificateParams::new(vec![name.into()]).expect("we know the name is valid");
let (yesterday, tomorrow) = validity_period();
params.distinguished_name.push(DnType::CommonName, name);
params.use_authority_key_identifier_extension = true;
params.key_usages.push(KeyUsagePurpose::DigitalSignature);
params
.extended_key_usages
.push(ExtendedKeyUsagePurpose::ServerAuth);
params.not_before = yesterday;
params.not_after = tomorrow;
let key_pair = KeyPair::generate().unwrap();
params.signed_by(&key_pair, issuer).unwrap()
}
fn validity_period() -> (OffsetDateTime, OffsetDateTime) {
let day = Duration::new(86400, 0);
let yesterday = OffsetDateTime::now_utc().checked_sub(day).unwrap();
let tomorrow = OffsetDateTime::now_utc().checked_add(day).unwrap();
(yesterday, tomorrow)
}


@@ -0,0 +1,82 @@
//! Generate a new certificate, and sign it with an existing root or
//! intermediate certificate.
//!
//! Requires four positional command line arguments:
//! * File path to PEM containing signer's key pair
//! * File path to PEM containing signer's certificate
//! * File path for generated PEM containing output key pair
//! * File path for generated PEM containing output certificate
use std::error::Error;
use std::fs;
use std::path::PathBuf;
use rcgen::{CertificateParams, DnType, ExtendedKeyUsagePurpose, Issuer, KeyPair, KeyUsagePurpose};
use time::{Duration, OffsetDateTime};
fn main() -> Result<(), Box<dyn Error>> {
let mut args = std::env::args().skip(1);
let signer_keys_file = PathBuf::from(
args.next()
.ok_or("provide signer's pem keys file as 1st argument")?,
);
let signer_cert_file = PathBuf::from(
args.next()
.ok_or("provide signer's pem certificate file as 2nd argument")?,
);
let output_keys_file =
PathBuf::from(args.next().ok_or("output pem keys file as 3rd argument")?);
let output_cert_file = PathBuf::from(args.next().ok_or("output pem cert file as 4th fourth")?);
// Read existing certificate authority
let keys_pem = fs::read_to_string(&signer_keys_file)?;
let cert_pem = fs::read_to_string(&signer_cert_file)?;
let key_pair = KeyPair::from_pem(&keys_pem)?;
let signer = Issuer::from_ca_cert_pem(&cert_pem, key_pair)?;
// Create a new signed server certificate
const DOMAIN: &str = "example.domain";
let sans = vec![DOMAIN.into()];
let mut params = CertificateParams::new(sans)?;
params.distinguished_name.push(DnType::CommonName, DOMAIN);
params.use_authority_key_identifier_extension = true;
params.key_usages.push(KeyUsagePurpose::DigitalSignature);
params
.extended_key_usages
.push(ExtendedKeyUsagePurpose::ServerAuth);
const DAY: Duration = Duration::days(1);
let yesterday = OffsetDateTime::now_utc()
.checked_sub(DAY)
.ok_or("invalid yesterday")?;
let tomorrow = OffsetDateTime::now_utc()
.checked_add(DAY)
.ok_or("invalid tomorrow")?;
params.not_before = yesterday;
params.not_after = tomorrow;
let output_keys = KeyPair::generate()?;
let output_cert = params.signed_by(&output_keys, &signer)?;
// Write new certificate
fs::write(&output_keys_file, output_keys.serialize_pem())?;
fs::write(&output_cert_file, output_cert.pem())?;
println!("Wrote signed leaf certificate:");
println!(" keys: {}", output_keys_file.display());
println!(" cert: {}", output_cert_file.display());
println!();
Ok(())
}

35
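--- a/vendor/rcgen/examples/simple.rs
+++ b/vendor/rcgen/examples/simple.rs
@@ -0,0 +1,35 @@
+use std::fs;
+use rcgen::{date_time_ymd, CertificateParams, DistinguishedName, DnType, KeyPair, SanType};
+fn main() -> Result<(), Box<dyn std::error::Error>> {
+let mut params: CertificateParams = Default::default();
+params.not_before = date_time_ymd(1975, 1, 1);
+params.not_after = date_time_ymd(4096, 1, 1);
+params.distinguished_name = DistinguishedName::new();
+params
+.distinguished_name
+.push(DnType::OrganizationName, "Crab widgits SE");
+params
+.distinguished_name
+.push(DnType::CommonName, "Master Cert");
+params.subject_alt_names = vec![
+SanType::DnsName("crabs.crabs".try_into()?),
+SanType::DnsName("localhost".try_into()?),
+];
+let key_pair = KeyPair::generate()?;
+let cert = params.self_signed(&key_pair)?;
+let pem_serialized = cert.pem();
+let pem = pem::parse(&pem_serialized)?;
+let der_serialized = pem.contents();
+println!("{pem_serialized}");
+println!("{}", key_pair.serialize_pem());
+fs::create_dir_all("certs/")?;
+fs::write("certs/cert.pem", pem_serialized.as_bytes())?;
+fs::write("certs/cert.der", der_serialized)?;
+fs::write("certs/key.pem", key_pair.serialize_pem().as_bytes())?;
+fs::write("certs/key.der", key_pair.serialize_der())?;
+Ok(())
+}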