Adding EC private keys to rustls config (#787)
* Add ed25519 to private keycert build

* Fix type of ec private key
melefo authored May 24, 2024
1 parent 68f694d commit 446b0cf
Showing 1 changed file with 16 additions and 9 deletions.
25 changes: 16 additions & 9 deletions crates/core/src/conn/rustls/config.rs
Expand Up @@ -88,20 +88,27 @@ impl Keycert {
.collect::<Vec<_>>();

let key = {
let mut pkcs8 = rustls_pemfile::pkcs8_private_keys(&mut self.key.as_ref())
let mut ec = rustls_pemfile::ec_private_keys(&mut self.key.as_ref())
.collect::<Result<Vec<_>, _>>()
.map_err(|_| IoError::new(ErrorKind::Other, "failed to parse tls private keys"))?;
if !pkcs8.is_empty() {
PrivateKeyDer::Pkcs8(pkcs8.remove(0))
if !ec.is_empty() {
PrivateKeyDer::Sec1(ec.remove(0))
} else {
let mut rsa = rustls_pemfile::rsa_private_keys(&mut self.key.as_ref())
let mut pkcs8 = rustls_pemfile::pkcs8_private_keys(&mut self.key.as_ref())
.collect::<Result<Vec<_>, _>>()
.map_err(|_| IoError::new(ErrorKind::Other, "failed to parse tls private keys"))?;

if !rsa.is_empty() {
PrivateKeyDer::Pkcs1(rsa.remove(0))
if !pkcs8.is_empty() {
PrivateKeyDer::Pkcs8(pkcs8.remove(0))
} else {
return Err(IoError::new(ErrorKind::Other, "failed to parse tls private keys"));
let mut rsa = rustls_pemfile::rsa_private_keys(&mut self.key.as_ref())
.collect::<Result<Vec<_>, _>>()
.map_err(|_| IoError::new(ErrorKind::Other, "failed to parse tls private keys"))?;

if !rsa.is_empty() {
PrivateKeyDer::Pkcs1(rsa.remove(0))
} else {
return Err(IoError::new(ErrorKind::Other, "failed to parse tls private keys"));
}
}
}
};
Expand Down Expand Up @@ -308,4 +315,4 @@ where
fn into_stream(self) -> Self {
self
}
}
}
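Review bot: The key lookup in `let key = { … }` now scans `self.key` up to three times and picks by format precedence (SEC1, then PKCS#8, then PKCS#1) rather than by position in the file, so a PEM bundle holding more than one key can yield a different key than it did before this change. Every failure path also returns the same `"failed to parse tls private keys"` text, which makes a malformed PEM indistinguishable from a file with no key in it. If the rustls-pemfile version in use provides `rustls_pemfile::private_key`, a single call would return the first key of any of the three formats, and its `None` case could carry its own message such as `"no tls private key found"`. At minimum a comment above the ladder should state the precedence, e.g. `// Prefer SEC1 (EC), then PKCS#8, then PKCS#1 (RSA); the first key of the first matching format is used.` The enclosing function starts and ends outside the hunk.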
