p12-keystore 0.3.0

Convenient API to work with PKCS#12 files
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132

use std::fmt;

use der::oid::ObjectIdentifier;
use pkcs8::PrivateKeyInfoRef;

use crate::{Result, cert::Certificate, error::Error};

/// Wrapper for a local key id
#[derive(Clone, PartialEq, Eq)]
pub struct LocalKeyId(pub Vec<u8>);

impl From<Vec<u8>> for LocalKeyId {
    fn from(value: Vec<u8>) -> Self {
        Self(value)
    }
}

impl From<&[u8]> for LocalKeyId {
    fn from(value: &[u8]) -> Self {
        Self(value.to_vec())
    }
}

impl From<&str> for LocalKeyId {
    fn from(value: &str) -> Self {
        Self(value.as_bytes().to_vec())
    }
}

impl From<String> for LocalKeyId {
    fn from(value: String) -> Self {
        Self(value.into())
    }
}

impl AsRef<[u8]> for LocalKeyId {
    fn as_ref(&self) -> &[u8] {
        &self.0
    }
}

impl fmt::Debug for LocalKeyId {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        f.debug_tuple("LocalKeyId").field(&hex::encode(&self.0)).finish()
    }
}

/// PKCS#8 private key wrapper
#[derive(Clone, PartialEq, Eq)]
pub struct PrivateKey {
    pub(crate) data: Vec<u8>,
    pub(crate) oid: ObjectIdentifier,
}

impl PrivateKey {
    /// Parses a PKCS#8 private key encoded in DER format and constructs a new instance of the struct.
    pub fn from_der(data: &[u8]) -> Result<Self> {
        let info: PrivateKeyInfoRef = data.try_into().map_err(|_| Error::InvalidPrivateKey)?;
        Ok(Self {
            data: data.to_vec(),
            oid: info.algorithm.oid,
        })
    }

    /// Returns a reference to the private key data in PKCS#8 DER-encoded format.
    pub fn as_der(&self) -> &[u8] {
        &self.data
    }

    /// Returns an ObjectIdentifier of the key algorithm.
    pub fn oid(&self) -> ObjectIdentifier {
        self.oid
    }
}

impl fmt::Debug for PrivateKey {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        f.debug_struct("PrivateKey")
            .field("data", &"<PKCS#8>")
            .field("oid", &self.oid)
            .finish()
    }
}

/// PrivateKeyChain represents a private key and a certificate chain
#[derive(Clone, PartialEq, Eq)]
pub struct PrivateKeyChain {
    pub(crate) key: PrivateKey,
    pub(crate) local_key_id: LocalKeyId, // Could it be optional?
    pub(crate) certs: Vec<Certificate>,
}

impl PrivateKeyChain {
    /// Creates a new keychain with a given key id, private key and a list of certificates.
    /// The leaf (entity) certificate must be the first in the list, and the root certificate must be the last.
    pub fn new<K, I>(local_key_id: K, key: PrivateKey, certs: I) -> Self
    where
        K: Into<LocalKeyId>,
        I: IntoIterator<Item = Certificate>,
    {
        Self {
            key,
            local_key_id: local_key_id.into(),
            certs: certs.into_iter().collect(),
        }
    }

    /// Get a private key
    pub fn key(&self) -> &PrivateKey {
        &self.key
    }

    /// Get certificates
    pub fn certs(&self) -> &[Certificate] {
        &self.certs
    }

    /// Get local key id
    pub fn local_key_id(&self) -> &LocalKeyId {
        &self.local_key_id
    }
}

impl fmt::Debug for PrivateKeyChain {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        f.debug_struct("PrivateKeyChain")
            .field("key", &self.key)
            .field("certs", &self.certs)
            .field("local_key_id", &hex::encode(&self.local_key_id))
            .finish()
    }
}