Support both rsa and pkcs8 keys

Nicholas Rempel 2021-11-08 11:37:34 -08:00 committed by masalachai
parent 356194af08
commit cf8f11c35b
1 changed files with 21 additions and 8 deletions


@ -54,6 +54,7 @@ use rustls_pemfile;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use std::collections::HashMap; use std::collections::HashMap;
use std::default; use std::default;
use std::io::{Seek, SeekFrom};
use std::{fs, io}; use std::{fs, io};
lazy_static! { lazy_static! {
@ -145,16 +146,28 @@ impl EppClientConnection {
.collect() .collect()
}) })
} }
/// Parses the client RSA private key /// Parses the client private key
fn key(&self) -> Option<PrivateKey> { fn key(&self) -> Option<PrivateKey> {
self.tls_files.as_ref().map(|tls| { self.tls_files.as_ref().map(|tls| {
rustls::PrivateKey( let mut r = io::BufReader::new(fs::File::open(tls.key.to_string()).unwrap());
rustls_pemfile::rsa_private_keys(&mut io::BufReader::new(
fs::File::open(tls.key.to_string()).unwrap(), let rsa_keys = rustls_pemfile::rsa_private_keys(&mut r).unwrap();
)) if rsa_keys.len() > 1 {
.unwrap()[0] warn!("Multiple RSA keys found in PEM file {}", tls.key);
.clone(), } else if !rsa_keys.is_empty() {
) return rustls::PrivateKey(rsa_keys[0].clone());
}
r.seek(SeekFrom::Start(0)).unwrap();
let pkcs8_keys = rustls_pemfile::pkcs8_private_keys(&mut r).unwrap();
if pkcs8_keys.len() > 1 {
warn!("Multiple PKCS8 keys found in PEM file {}", tls.key);
} else if !pkcs8_keys.is_empty() {
return rustls::PrivateKey(pkcs8_keys[0].clone());
}
panic!("No private key found in PEM file");
}) })
} }
} }
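Review bot: In `key()`, a PEM file holding more than one RSA key (or more than one PKCS8 key) takes the `warn!` branch and never reaches the `return` in the `else if`, so it falls through and ends in `panic!("No private key found in PEM file")`, whereas the previous code used the first key. If the intent is to warn and still use the first key, make the second test independent of the first in both places, for example close the warning block with `}` and follow it with `if let Some(k) = rsa_keys.first() { return rustls::PrivateKey(k.clone()); }`, and do the same for `pkcs8_keys`. The panic message should name `tls.key` as the two warnings do, so an operator can tell which file was rejected. Since the path comes from configuration, the `unwrap()` calls on `fs::File::open`, on both parsers and on `seek` turn a missing or malformed key file into a process panic; returning an error to the caller would be safer, though that presumably needs a signature change outside this hunk.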