From 95257a5d3f6d3ab2b10f8925e2be9ee653fb7381 Mon Sep 17 00:00:00 2001
From: Daniel McCarney <daniel@binaryparadox.net>
Date: Mon, 25 Mar 2024 17:11:06 -0400
Subject: [PATCH 1/2] lib: export csr::CertificateSigningRequest

This type is meant to be part of the public API, but the `csr` module is
not exported. Therefore we have to re-export the type in `lib.rs`.
---
 rcgen/src/csr.rs | 1 +
 rcgen/src/lib.rs | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/rcgen/src/csr.rs b/rcgen/src/csr.rs
index 1d5cb7e9..aa2c2770 100644
--- a/rcgen/src/csr.rs
+++ b/rcgen/src/csr.rs
@@ -27,6 +27,7 @@ impl PublicKeyData for PublicKey {
 	}
 }
 
+/// A certificate signing request (CSR) that can be encoded to PEM or DER.
 pub struct CertificateSigningRequest {
 	pub(crate) der: CertificateSigningRequestDer<'static>,
 }
diff --git a/rcgen/src/lib.rs b/rcgen/src/lib.rs
index 6e7688ec..ada82002 100644
--- a/rcgen/src/lib.rs
+++ b/rcgen/src/lib.rs
@@ -56,7 +56,7 @@ pub use crl::{
 	CertificateRevocationList, CertificateRevocationListParams, CrlDistributionPoint,
 	CrlIssuingDistributionPoint, CrlScope, RevocationReason, RevokedCertParams,
 };
-pub use csr::{CertificateSigningRequestParams, PublicKey};
+pub use csr::{CertificateSigningRequest, CertificateSigningRequestParams, PublicKey};
 pub use error::{Error, InvalidAsn1String};
 use key_pair::PublicKeyData;
 #[cfg(all(feature = "crypto", feature = "aws_lc_rs"))]

From 748709df9e7e820c77cc827baa49a81da7912827 Mon Sep 17 00:00:00 2001
From: Daniel McCarney <daniel@binaryparadox.net>
Date: Mon, 25 Mar 2024 17:30:05 -0400
Subject: [PATCH 2/2] tests: add simple CSR round-trip

---
 rcgen/tests/generic.rs | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/rcgen/tests/generic.rs b/rcgen/tests/generic.rs
index cb809040..3d5075b8 100644
--- a/rcgen/tests/generic.rs
+++ b/rcgen/tests/generic.rs
@@ -357,3 +357,20 @@ mod test_parse_other_name_alt_name {
 		assert_eq!(subject_alt_names, expected_alt_names);
 	}
 }
+
+#[cfg(feature = "x509-parser")]
+mod test_csr {
+	use rcgen::{CertificateParams, CertificateSigningRequestParams, KeyPair};
+
+	#[test]
+	fn test_csr_roundtrip() {
+		// We should be able to serialize a CSR, and then parse the CSR.
+		_ = CertificateSigningRequestParams::from_der(
+			CertificateParams::default()
+				.serialize_request(&KeyPair::generate().unwrap())
+				.unwrap()
+				.der(),
+		)
+		.unwrap();
+	}
+}