trz_gateway_common/security_configuration/certificate/
mod.rs

1use std::sync::Arc;
2
3use openssl::x509::X509;
4use openssl::x509::X509Ref;
5
6use self::cache::CachedCertificate;
7use self::cache::MemoizedCertificate;
8use crate::certificate_info::X509CertificateInfo;
9use crate::is_global::IsGlobal;
10use crate::is_global::IsGlobalError;
11
12pub mod as_trusted_store;
13pub mod cache;
14pub mod dynamic;
15pub mod pem;
16pub mod tls_server;
17
/// Source of an X509 leaf certificate together with its intermediate certificates.
pub trait CertificateConfig: IsGlobal {
    /// Error type returned when the certificate material cannot be produced.
    type Error: IsGlobalError;

    /// Returns the intermediate certificates that accompany the leaf.
    fn intermediates(&self) -> Result<Arc<Vec<X509>>, Self::Error>;

    /// Returns the X509 leaf certificate.
    fn certificate(&self) -> Result<Arc<X509CertificateInfo>, Self::Error>;

    /// Whether the certificate can change over time, e.g. Let's Encrypt certificates.
    ///
    /// The default implementation reports `false`.
    fn is_dynamic(&self) -> bool {
        false
    }

    /// Wraps this configuration in a [MemoizedCertificate].
    fn memoize(self) -> MemoizedCertificate<Self>
    where
        Self: Sized,
    {
        MemoizedCertificate::new(self)
    }

    /// Memoizes this configuration, then builds a [CachedCertificate] from it.
    ///
    /// # Errors
    ///
    /// Returns whatever error [CachedCertificate::new] reports.
    // NOTE(review): when `is_dynamic()` is true, confirm that the memoized/cached value
    // cannot keep being served after the underlying certificate was renewed or expired.
    fn cache(self) -> Result<CachedCertificate, Self::Error>
    where
        Self: Sized,
    {
        let memoized = self.memoize();
        CachedCertificate::new(memoized)
    }
}
49
impl X509CertificateInfo {
    /// Returns a displayable, textual dump of the wrapped certificate.
    ///
    /// Delegates to [display_x509_certificate] on the `certificate` field.
    pub fn display(&self) -> impl std::fmt::Display {
        let x509: &X509Ref = &self.certificate;
        display_x509_certificate(x509)
    }
}
56
/// Renders an X509 certificate as human-readable text.
///
/// This never fails: if OpenSSL cannot produce the text dump, or the dump is not valid
/// UTF-8, the returned value is the error message instead. Callers therefore cannot
/// tell a rendered certificate from a rendered error, so the output is suited to logs
/// and diagnostics rather than to any programmatic check.
pub fn display_x509_certificate(certificate: &X509Ref) -> impl std::fmt::Display {
    match certificate.to_text() {
        Ok(bytes) => match String::from_utf8(bytes) {
            Ok(text) => text,
            // The dump was produced but is not valid UTF-8: show the decoding error.
            Err(utf8_error) => utf8_error.to_string(),
        },
        // OpenSSL could not render the certificate: show its error.
        Err(openssl_error) => openssl_error.to_string(),
    }
}
64
/// Lets a shared `Arc<T>` be used wherever a [CertificateConfig] is expected.
///
/// The three methods implemented here forward to the wrapped `T`; `memoize` and `cache`
/// are not overridden and keep the trait's default implementations.
impl<T: CertificateConfig> CertificateConfig for Arc<T> {
    type Error = T::Error;

    /// Forwards to the wrapped configuration's `intermediates`.
    fn intermediates(&self) -> Result<Arc<Vec<X509>>, Self::Error> {
        (**self).intermediates()
    }

    /// Forwards to the wrapped configuration's `certificate`.
    fn certificate(&self) -> Result<Arc<X509CertificateInfo>, Self::Error> {
        (**self).certificate()
    }

    /// Forwards to the wrapped configuration's `is_dynamic`.
    fn is_dynamic(&self) -> bool {
        (**self).is_dynamic()
    }
}