Update Rust crate rcgen to 0.13.2 #7687
Open
+7
−3
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![oxide-renovate[bot]](https://avatars.githubusercontent.com/u/54040662?s=60&v=4){kind=small}
oxide-renovate
bot
added
the
dependencies
oxide-renovate
bot
force-pushed
the
renovate/rcgen-0.x
branch
from
f20e0fa to
7d8ed4d
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
0.12.1->0.13.2Release Notes
rustls/rcgen (rcgen)
v0.13.2: 0.13.2Compare Source
Several improvements to the capabilities available when working with certificate signing requests.
What's Changed
algorithmfield onPublicKeyby @rickvanprim in https://github.com/rustls/rcgen/pull/281aws-lc-rsby @daxpedda in https://github.com/rustls/rcgen/pull/286lib.rsby @ghenry in https://github.com/rustls/rcgen/pull/298v0.13.1: 0.13.1Compare Source
Fixed incorrect usage of the subject certificate's parameter's key identifier method when computing the key identifier of the issuer for the subject's authority key identifier (AKI) extension.
What's Changed
v0.13.0: 0.13.0Compare Source
Breaking changes
The API used to create/issue key pairs, certificates, certificate signing requests (CSRs), and certificate revocation lists (CRLs) has been restructured to emphasize consistency and avoid common errors with serialization.
For each concrete type (cert, CSR, CRL) the process is now the same:
fnon the parameters, providing subject key pair and issuer information and as appropriate.fns on the finalized type, obtaining DER or PEM.For more information, see [rcgen/docs/0.12-to-0.13.md].
Throughout the API DER inputs are now represented using types from the Rustls
rustls-pki-typescrate, e.g.PrivateKeyDer,CertificateDer,CertificateSigningRequestDer. Contributed by Tudyx.String types used in
SanTypeandDnValueenums for non-UTF8 string types have been replaced with more specific types that prevent representation of illegal values. E.g.Ia5String,BmpString,PrintableString,TeletexString, andUniversalString. Contributed by Tudyx.Method names starting with
get_have been renamed to match Rust convention:CertificateRevocationList::get_params()->params()Certificate::get_params()->params()Certificate::get_key_identifier()->Certificate::key_identifier()Certificate::get_times()->Certificate::times()Added
RSA key generation support has been added. This support requires using the
aws-lc-rsfeature. By default usingKeyPair::generate_for()with an RSASignatureAlgorithmwill generate an RSA 2048 keypair. SeeKeyPair::generate_rsa_for()for support for RSA 2048, 3072 and 4096 key sizes.Support for ECDSA P521 signatures and key generation has been added when using the
aws-lc-rsfeature. Contributed by Alvenix.Support for loading private keys that may be PKCS8, PKCS1, or SEC1 has been added when using the
aws-lc-rsfeature. Without this feature private keys must be PKCS8. SeeKeyPair::from_pem_and_sign_algo()andKeyPair::from_der_and_sign_algo()for more information. Contributed by Alvenix.Support has been added for Subject Alternative Name (SAN) names of type
OtherName. Contributed by Tudyx.Support has been added for specifying custom "other" OIDs in extended key usage. Contributed by Tudyx.
Support has been added for building rcgen without cryptography by omitting the new (default-enabled)
cryptofeature flag. Contributed by corrideat.Support for using
aws-lc-rsinfipsmode can now be activated by using thefipsfeature in combination with theaws-lc-rsfeature. Contributed by BiagioFesta.A small command-line tool for certificate generation (
rustls-cert-gen) was added. Contributed by tbro.What's Changed
pemcrate feature by @daxpedda in https://github.com/rustls/rcgen/pull/204rustls-cert-genwith basic parameters. by @tbro in https://github.com/rustls/rcgen/pull/190Configuration
📅 Schedule: Branch creation - "after 8pm,before 6am" in timezone America/Los_Angeles, Automerge - "after 8pm,before 6am" in timezone America/Los_Angeles.
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.