use std::fmt;
use rustls::internal::pemfile;
/// A single certificate, held as a `rustls::Certificate`.
///
/// This is a thin container: none of the constructors visible in this file
/// verify signatures, validity periods or names. Trust decisions are left to
/// whatever consumes the value.
#[derive(Debug, Clone)]
pub struct Certificate {
    /// The wrapped rustls certificate; its `.0` field holds the DER bytes.
    pub(crate) inner: rustls::Certificate,
}
impl Certificate {
    /// Wraps DER-encoded bytes as a certificate.
    ///
    /// The bytes are copied verbatim. No ASN.1 parsing or validation is done
    /// here, so malformed input is not rejected and the function as written
    /// always returns `Ok`.
    pub fn from_der(der: &[u8]) -> Result<Self, ParseError> {
        let inner = rustls::Certificate(der.to_vec());
        Ok(Self { inner })
    }

    /// Reads the first certificate found in PEM-encoded input.
    ///
    /// Only the first certificate is kept; any further certificates in `pem`
    /// are silently discarded. Use [`CertificateChain::from_pem`] when the
    /// whole bundle matters.
    ///
    /// # Errors
    ///
    /// Returns `ParseError("invalid pem cert")` when the PEM reader fails and
    /// `ParseError("no cert found")` when the input holds no certificate.
    pub fn from_pem(pem: &[u8]) -> Result<Self, ParseError> {
        let mut reader = pem;
        let parsed = pemfile::certs(&mut reader).map_err(|()| ParseError("invalid pem cert"))?;
        match parsed.into_iter().next() {
            Some(first) => Ok(Self { inner: first }),
            None => Err(ParseError("no cert found")),
        }
    }

    /// Borrows the certificate's DER bytes.
    pub fn as_der(&self) -> &[u8] {
        self.inner.0.as_slice()
    }
}
impl From<rustls::Certificate> for Certificate {
    /// Takes ownership of an existing rustls certificate without inspecting it.
    fn from(inner: rustls::Certificate) -> Self {
        Self { inner }
    }
}
/// An ordered list of certificates.
///
/// The type stores whatever it is given: it does not check that the list is
/// non-empty, that each certificate is signed by the next, or that the order
/// is the one a TLS peer expects.
#[derive(Debug, Clone)]
pub struct CertificateChain {
    /// Certificates in the order they were supplied.
    pub(crate) certs: Vec<rustls::Certificate>,
}
impl CertificateChain {
    /// Parses every certificate found in PEM-encoded input into a chain.
    ///
    /// The result of the PEM reader is stored as-is. Unlike
    /// [`Certificate::from_pem`], there is no "no cert found" check here, so
    /// input without any certificate yields `Ok` with an empty chain; callers
    /// that require at least one certificate must check for that themselves.
    ///
    /// # Errors
    ///
    /// Returns `ParseError("malformed certificate chain")` when the PEM reader
    /// fails.
    pub fn from_pem(pem: &[u8]) -> Result<Self, ParseError> {
        let mut reader = pem;
        pemfile::certs(&mut reader)
            .map(|certs| Self { certs })
            .map_err(|()| ParseError("malformed certificate chain"))
    }

    /// Builds a chain from already-constructed certificates, keeping their order.
    pub fn from_certs(certs: impl IntoIterator<Item = Certificate>) -> Self {
        certs.into_iter().collect::<Self>()
    }

    /// Iterates over the certificates by reference, in stored order.
    pub fn iter(&self) -> impl Iterator<Item = &rustls::Certificate> {
        self.certs.as_slice().iter()
    }
}
impl std::iter::FromIterator<Certificate> for CertificateChain {
    /// Collects certificates into a chain, unwrapping each to its rustls form.
    ///
    /// Order is preserved and nothing is validated; an empty iterator gives an
    /// empty chain.
    fn from_iter<T>(iter: T) -> Self
    where
        T: IntoIterator<Item = Certificate>,
    {
        let certs = iter.into_iter().map(|cert| cert.inner).collect();
        Self { certs }
    }
}
impl From<Vec<rustls::Certificate>> for CertificateChain {
    /// Adopts a vector of rustls certificates as a chain without copying or checking it.
    fn from(certs: Vec<rustls::Certificate>) -> Self {
        CertificateChain { certs }
    }
}
impl IntoIterator for CertificateChain {
    type Item = rustls::Certificate;
    type IntoIter = std::vec::IntoIter<rustls::Certificate>;

    /// Consumes the chain and yields its certificates by value, in stored order.
    fn into_iter(self) -> Self::IntoIter {
        let Self { certs } = self;
        certs.into_iter()
    }
}
impl<'a> IntoIterator for &'a CertificateChain {
    type Item = &'a rustls::Certificate;
    type IntoIter = std::slice::Iter<'a, rustls::Certificate>;

    /// Yields references to the certificates, in stored order, without consuming the chain.
    fn into_iter(self) -> Self::IntoIter {
        self.certs.as_slice().iter()
    }
}
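/// A private key, held as a `rustls::PrivateKey`.
///
/// The value contains secret key material. `Clone` produces another copy of
/// that material, and nothing in this type clears the bytes when a value is
/// dropped.
#[derive(Clone)]
pub struct PrivateKey {
    /// The wrapped rustls private key (secret).
    pub(crate) inner: rustls::PrivateKey,
}

// `Debug` is written by hand instead of derived: a derived impl formats the
// `inner` field through its own `Debug`, which would put the key bytes into
// any log line or panic message that prints this value with `{:?}`.
impl fmt::Debug for PrivateKey {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        f.debug_struct("PrivateKey")
            .field("inner", &format_args!("<redacted>"))
            .finish()
    }
}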
impl PrivateKey {
    /// Reads the first private key found in PEM-encoded input.
    ///
    /// PKCS #8 keys are looked for first; only if none is present is the input
    /// scanned again for PKCS #1 RSA keys. The first key found is used and any
    /// others in `pem` are silently ignored. The key is not checked against
    /// any certificate here.
    ///
    /// # Errors
    ///
    /// Returns `ParseError("malformed PKCS #8 private key")` or
    /// `ParseError("malformed PKCS #1 private key")` when the corresponding PEM
    /// reader fails, and `ParseError("no private key found")` when neither
    /// pass finds a key.
    pub fn from_pem(pem: &[u8]) -> Result<Self, ParseError> {
        let mut pkcs8_reader = pem;
        let pkcs8_keys = pemfile::pkcs8_private_keys(&mut pkcs8_reader)
            .map_err(|()| ParseError("malformed PKCS #8 private key"))?;
        if let Some(key) = pkcs8_keys.into_iter().next() {
            return Ok(Self { inner: key });
        }

        // Second pass over the same bytes, this time for PKCS #1 RSA keys.
        let mut rsa_reader = pem;
        let rsa_keys = pemfile::rsa_private_keys(&mut rsa_reader)
            .map_err(|()| ParseError("malformed PKCS #1 private key"))?;
        match rsa_keys.into_iter().next() {
            Some(key) => Ok(Self { inner: key }),
            None => Err(ParseError("no private key found")),
        }
    }

    /// Wraps DER-encoded bytes as a private key.
    ///
    /// The bytes are copied verbatim into a new buffer. No parsing or
    /// validation is done here, so the function as written always returns
    /// `Ok`. The caller's own buffer still holds the key afterwards and
    /// remains the caller's responsibility to clear.
    pub fn from_der(der: &[u8]) -> Result<Self, ParseError> {
        let inner = rustls::PrivateKey(der.to_vec());
        Ok(Self { inner })
    }
}
/// Error returned when certificate or key material cannot be parsed.
///
/// Carries a fixed, static description only; it never includes any of the
/// input bytes.
#[derive(Debug, Clone)]
pub struct ParseError(&'static str);

impl std::error::Error for ParseError {}

impl fmt::Display for ParseError {
    /// Writes the description, honouring width, fill and precision flags.
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        let ParseError(message) = self;
        f.pad(message)
    }
}