Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Refactor repository and CA code to support BGPsec CSRs. (#210)
This commit refactors the library to support BGPsec CSRs and creating router certificates from them. In particular, it: * moves `repository::crypto` into its own top-level module and adds the `crypto` feature, * adds separate signature algorithm types for RPKI and BGPsec and adds a `SignatureAlgorithm` trait so the two can be used in parallel, * makes `crypto::signature::Signature` generic over the signature algorithm, * changes the `Signer` trait and soft-signer implementation to be able to deal with both signature algorithm types via an intermediary `SigningAlgorithm` enum, * makes `repository::x509::SignedData` (the type used for the outer, signed portion of certificates, CRLs, and CSRs) generic over the signature algorithm type so it can be used for both RPKI and BGPsec objects, * moves `repository::oid` into its own top-level module and makes it depend on the `bcder` feature, * moves `repository::csr` to `ca::csr` where it belongs, * changes the `ca::csr`’s types to be generic over the signature algorithms and CSR attributes, * changes the type of the Extended Key Usage attribute of certificates and CSRs into a newtype around the wrapping capture, and * adds missing functionality to `TbsCert` and `CertBuilder` to be able to generate router certificates. This is a breaking change.
- Loading branch information
