Merge #24

24: feat: upstream internal code r=[xinyufort] a=Taowyoo

- Add OIDs
- Add `Ia5String`
- Add x509 extension `CertificatePolicies` and related ASN1 types
- Add tests

Co-authored-by: Yuxiang Cao <yuxiang.cao@fortanix.com>

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "pkix"
-version = "0.2.2"
+version = "0.2.3"
 authors = ["Fortanix Inc."]
 license = "MPL-2.0"
 description = "TLS Certificate encoding and decoding helpers."

src/oid.rs

@@ -37,6 +37,22 @@ lazy_static! {
     pub static ref authorityKeyIdentifier: ObjectIdentifier = vec![2, 5, 29, 35].into();
     pub static ref keyUsage: ObjectIdentifier = vec![2, 5, 29, 15].into();
     pub static ref subjectDirectoryAttributes: ObjectIdentifier = vec![2, 5, 29, 9].into();
+    /// The certificatePolicies extension, as defined in [RFC 5280 Section 4.2.1.4].
+    ///
+    /// [RFC 5280 Section 4.2.1.4]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.4
+    pub static ref certificatePolicies: ObjectIdentifier        = vec![2, 5, 29, 32].into();
+    /// The special policy identifier anyPolicy, as per [RFC 5280 Section 4.2.1.4].
+    ///
+    /// [RFC 5280 Section 4.2.1.4]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.4
+    pub static ref ANY_POLICY: ObjectIdentifier = vec![2, 5, 29, 32, 0].into();
+    /// The ID for the CPS Pointer policy qualifier, as per [RFC 5280 Section 4.2.1.4].
+    ///
+    /// [RFC 5280 Section 4.2.1.4]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.4
+    pub static ref ID_QT_CPS: ObjectIdentifier =     vec![1, 3, 6, 1, 5, 5, 7, 2, 1].into();
+    /// The ID for the user notice policy qualifier, as per [RFC 5280 Section 4.2.1.4].
+    ///
+    /// [RFC 5280 Section 4.2.1.4]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.4
+    pub static ref ID_QT_UNOTICE: ObjectIdentifier = vec![1, 3, 6, 1, 5, 5, 7, 2, 2].into();
 
     // PKCS #9 attributes
     pub static ref extensionRequest: ObjectIdentifier = vec![1, 2, 840, 113549, 1, 9, 14].into();

src/types.rs

@@ -892,6 +892,38 @@ impl AsRef<[u8]> for OctetString {
     }
 }
 
+/// ASN.1 `IA5String` type.
+///
+/// Supports the [International Alphabet No. 5 (IA5)] character encoding, i.e.
+/// the lower 128 characters of the ASCII alphabet. (Note: IA5 is now
+/// technically known as the International Reference Alphabet or IRA as
+/// specified in the ITU-T's T.50 recommendation).
+///
+/// For UTF-8, use [`String`][`alloc::string::String`].
+///
+/// [International Alphabet No. 5 (IA5)]: https://en.wikipedia.org/wiki/T.50_%28standard%29
+#[derive(Clone, Debug, Eq, PartialEq, PartialOrd, Ord, Hash)]
+pub struct Ia5String(pub String);
+
+impl BERDecodable for Ia5String {
+    fn decode_ber(reader: BERReader) -> ASN1Result<Self> {
+        Ok(Ia5String(reader.read_ia5_string()?))
+    }
+}
+
+impl DerWrite for Ia5String {
+    fn write(&self, writer: DERWriter) {
+        writer.write_ia5_string_safe(&self.0)
+    }
+}
+
+impl From<String> for Ia5String {
+    fn from(value: String) -> Self {
+        Self(value)
+    }
+}
+
+
 derive_sequence!{
     /// X.509 `AlgorithmIdentifier` as defined in [RFC 5280 Section 4.1.1.2].
     ///