mysql 28.0.0

Mysql client library implemented in rust
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153

#![cfg(feature = "rustls")]

use rustls::pki_types::{CertificateDer, PrivateKeyDer, PrivatePkcs1KeyDer};
use rustls_pemfile::{certs, ec_private_keys, pkcs8_private_keys, rsa_private_keys};

use std::{borrow::Cow, path::Path};

#[derive(Debug, Clone, PartialEq, Eq, Hash)]
pub struct ClientIdentity {
    cert_chain_path: Cow<'static, Path>,
    priv_key_path: Cow<'static, Path>,
}

impl ClientIdentity {
    /// Creates new identity.
    ///
    /// `cert_chain_path` - path to a certificate chain (in PEM or DER)
    /// `priv_key_path` - path to a private key (in DER or PEM) (it'll take the first one)
    pub fn new<T, U>(cert_chain_path: T, priv_key_path: U) -> Self
    where
        T: Into<Cow<'static, Path>>,
        U: Into<Cow<'static, Path>>,
    {
        Self {
            cert_chain_path: cert_chain_path.into(),
            priv_key_path: priv_key_path.into(),
        }
    }

    /// Sets the certificate chain path (in DER or PEM).
    pub fn with_cert_chain_path<T>(mut self, cert_chain_path: T) -> Self
    where
        T: Into<Cow<'static, Path>>,
    {
        self.cert_chain_path = cert_chain_path.into();
        self
    }

    /// Sets the private key path (in DER or PEM) (it'll take the first one).
    pub fn with_priv_key_path<T>(mut self, priv_key_path: T) -> Self
    where
        T: Into<Cow<'static, Path>>,
    {
        self.priv_key_path = priv_key_path.into();
        self
    }

    /// Returns the certificate chain path.
    pub fn cert_chain_path(&self) -> &Path {
        self.cert_chain_path.as_ref()
    }

    /// Returns the private key path.
    pub fn priv_key_path(&self) -> &Path {
        self.priv_key_path.as_ref()
    }

    pub(crate) fn load(
        &self,
    ) -> crate::Result<(Vec<CertificateDer<'static>>, PrivateKeyDer<'static>)> {
        let cert_data = std::fs::read(self.cert_chain_path.as_ref())?;
        let key_data = std::fs::read(self.priv_key_path.as_ref())?;

        let mut cert_chain = Vec::new();
        for cert in certs(&mut &*cert_data) {
            cert_chain.push(cert?.to_owned());
        }
        if cert_chain.is_empty() && !cert_data.is_empty() {
            cert_chain.push(CertificateDer::from(cert_data));
        }

        let mut priv_key = None;

        for key in rsa_private_keys(&mut &*key_data).take(1) {
            priv_key = Some(PrivateKeyDer::Pkcs1(key?.clone_key()));
        }

        if priv_key.is_none() {
            for key in pkcs8_private_keys(&mut &*key_data).take(1) {
                priv_key = Some(PrivateKeyDer::Pkcs8(key?.clone_key()))
            }
        }

        if priv_key.is_none() {
            for key in ec_private_keys(&mut &*key_data).take(1) {
                priv_key = Some(PrivateKeyDer::Sec1(key?.clone_key()))
            }
        }

        if let Some(priv_key) = priv_key {
            return Ok((cert_chain, priv_key));
        }

        match PrivateKeyDer::try_from(key_data.as_slice()) {
            Ok(key) => Ok((cert_chain, key.clone_key())),
            Err(_) => Ok((
                cert_chain,
                PrivateKeyDer::Pkcs1(PrivatePkcs1KeyDer::from(key_data)),
            )),
        }
    }
}

#[cfg(test)]
mod tests {
    use std::path::Path;

    use rustls::pki_types::PrivateKeyDer;

    use crate::ClientIdentity;

    #[test]
    fn load_pkcs1() {
        let (_certs, key_pem) = ClientIdentity::new(
            Path::new("tests/client.crt"),
            Path::new("tests/client-key.pem"),
        )
        .load()
        .unwrap();
        assert!(matches!(key_pem, PrivateKeyDer::Pkcs1(_)));

        let (_certs, key_der) = ClientIdentity::new(
            Path::new("tests/client.crt"),
            Path::new("tests/client-key.pem"),
        )
        .load()
        .unwrap();
        assert!(matches!(key_der, PrivateKeyDer::Pkcs1(_)));

        assert_eq!(key_der, key_pem);
    }

    #[test]
    fn load_pkcs8() {
        let (_certs, key_der) = ClientIdentity::new(
            Path::new("tests/client.crt"),
            Path::new("tests/client-key.pkcs8.der"),
        )
        .load()
        .unwrap();
        assert!(matches!(key_der, PrivateKeyDer::Pkcs8(_)));

        let (_certs, key_pem) = ClientIdentity::new(
            Path::new("tests/client.crt"),
            Path::new("tests/client-key.pkcs8.pem"),
        )
        .load()
        .unwrap();
        assert!(matches!(key_pem, PrivateKeyDer::Pkcs8(_)));

        assert_eq!(key_der, key_pem);
    }
}