Skip to content

Commit

Permalink
Add support for PEM encoded private key in RSA and SEC1 Elliptic Curv…
Browse files Browse the repository at this point in the history
…e format
  • Loading branch information
Heiss Manuel (LDC) committed Jun 27, 2024
1 parent 17d7107 commit 0f6e59d
Showing 1 changed file with 18 additions and 1 deletion.
19 changes: 18 additions & 1 deletion amqprs/src/api/tls.rs
Original file line number Diff line number Diff line change
Expand Up @@ -118,8 +118,25 @@ impl TlsAdaptor {

fn build_client_private_keys(client_private_key: &Path) -> std::io::Result<Vec<PrivateKey>> {
let mut pem = BufReader::new(File::open(client_private_key)?);
let keys = rustls_pemfile::pkcs8_private_keys(&mut pem)?;
let keys = Self::read_private_keys_from_pem(&mut pem)?;
let keys = keys.into_iter().map(PrivateKey);
Ok(keys.collect())
}

/// Parses PEM encoded private keys.
///
/// The input should PEM encoded private key in RSA, SEC1 Elliptic Curve or PKCS#8 format.
fn read_private_keys_from_pem(rd: &mut dyn std::io::BufRead) -> Result<Vec<Vec<u8>>, std::io::Error> {
let mut keys = Vec::new();

loop {
match rustls_pemfile::read_one(rd)? {
None => return Ok(keys),
Some(rustls_pemfile::Item::RSAKey(key)) => keys.push(key), //PKCS1

Check warning on line 135 in amqprs/src/api/tls.rs

View check run for this annotation

Codecov / codecov/patch

amqprs/src/api/tls.rs#L135

Added line #L135 was not covered by tests
Some(rustls_pemfile::Item::PKCS8Key(key)) => keys.push(key),
Some(rustls_pemfile::Item::ECKey(key)) => keys.push(key), //SEC1
_ => {}

Check warning on line 138 in amqprs/src/api/tls.rs

View check run for this annotation

Codecov / codecov/patch

amqprs/src/api/tls.rs#L137-L138

Added lines #L137 - L138 were not covered by tests
};
}
}
}

0 comments on commit 0f6e59d

Please sign in to comment.