Skip to content

CSR

CSR parsing and generation helpers shared by Rust, FFI, and Python.

Csr Properties

Parse and build

Parse CSR properties and build a CSR.

CsrProperties::from_properties_str(properties: &str) -> Result<CsrProperties, CsrError>
CsrProperties::parse_csr_config(properties: &str) -> Result<CsrProperties, CsrError>
CsrProperties::parse_csr_config_file(path: impl AsRef<Path>) -> Result<CsrProperties, CsrError>
CsrProperties::build(&self, signer: &SigningKey, env: EnvironmentType) -> Result<Csr, CsrError>

CsrProperties.from_properties_str(properties: str) -> CsrProperties
CsrProperties.parse(properties: str) -> CsrProperties
CsrProperties.parse_file(path: str) -> CsrProperties
CsrProperties.build(key: SigningKey, env: Environment) -> Csr

FfiResult_FfiCsrProperties fatoora_csr_properties_from_str(const char* properties);
FfiResult_FfiCsrProperties fatoora_csr_properties_parse(const char* properties);
FfiResult_FfiCsrProperties fatoora_csr_properties_parse_file(const char* path);
FfiResult_FfiCsr fatoora_csr_build(FfiCsrProperties* props, FfiSigningKey* key, FfiEnvironment env);

Args

  • properties: CSR properties text.
  • path: file path for properties.
  • signer / key: signing key.
  • env: environment used to select template name.

Returns

  • CsrProperties: parsed properties.
  • Csr: CSR object built from properties.

Signing Key

Key generation and IO

Create and serialize signing keys.

SigningKey::generate() -> SigningKey
SigningKey::from_pem(pem: &str) -> Result<SigningKey, CsrError>
SigningKey::from_der(der: &[u8]) -> Result<SigningKey, CsrError>
SigningKey::to_pem(&self) -> Result<String, CsrError>
SigningKey::to_der(&self) -> Result<Vec<u8>, CsrError>

SigningKey.generate() -> SigningKey
SigningKey.from_pem(pem: str) -> SigningKey
SigningKey.from_der(der: bytes) -> SigningKey
SigningKey.to_pem() -> str
SigningKey.to_der() -> bytes

FfiResult_FfiSigningKey fatoora_signing_key_generate(void);
FfiResult_FfiSigningKey fatoora_signing_key_from_pem(const char* pem);
FfiResult_FfiSigningKey fatoora_signing_key_from_der(const uint8_t* der, uintptr_t len);
FfiResult_FfiString fatoora_signing_key_to_pem(FfiSigningKey* key);
FfiResult_FfiBytes fatoora_signing_key_to_der(FfiSigningKey* key);

Args

  • pem / der: PKCS#8 key material.

Returns

  • SigningKey: signing key handle.
  • pem / der: serialized key output.

CSR

CSR IO

Load and serialize CSR data.

Csr::from_der(der: &[u8]) -> Result<Csr, CsrError>
Csr::to_pem(&self) -> Result<String, CsrError>
Csr::to_der(&self) -> Result<Vec<u8>, CsrError>
Csr::to_base64(&self) -> Result<String, CsrError>
Csr::to_pem_base64(&self) -> Result<String, CsrError>
Csr::subject_string(&self) -> String
Csr::extension_values_der(&self) -> Vec<Vec<u8>>

Csr.from_der(der: bytes) -> Csr
Csr.to_pem() -> str
Csr.to_der() -> bytes
Csr.to_base64() -> str
Csr.to_pem_base64() -> str
Csr.subject_string() -> str
Csr.extension_values_der() -> list[bytes]

FfiResult_FfiCsr fatoora_csr_from_der(const uint8_t* der, uintptr_t len);
FfiResult_FfiString fatoora_csr_to_pem(FfiCsr* csr);
FfiResult_FfiBytes fatoora_csr_to_der(FfiCsr* csr);
FfiResult_FfiString fatoora_csr_to_base64(FfiCsr* csr);
FfiResult_FfiString fatoora_csr_to_pem_base64(FfiCsr* csr);
FfiResult_FfiString fatoora_csr_subject_string(FfiCsr* csr);
FfiResult_FfiBytesList fatoora_csr_extension_values_der(FfiCsr* csr);

Args

  • der: CSR in DER format.

Returns

  • Csr: CSR object.
  • pem / der / base64: serialized CSR output.

Errors

Errors

  • CsrError covers parsing, missing fields, subject/SAN build failures, encoding issues, and IO.

Notes

  • The template name extension is selected from EnvironmentType.
  • Csr.to_pem_base64() is the value expected by the ZATCA compliance endpoint.

See also: CSR Guide