Skip to content

Commit

Permalink
support reading EC private key
Browse files Browse the repository at this point in the history
  • Loading branch information
@neevek
neevek committed Nov 27, 2023
1 parent 21ee685 commit 1db901f
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 17 deletions.
10 changes: 0 additions & 10 deletions convert_ec_to_pkcs8.sh
View file

This file was deleted.

17 changes: 10 additions & 7 deletions src/pem_util.rs
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
use anyhow::bail;
use anyhow::Context;
use anyhow::Result;
use rustls::{Certificate, PrivateKey};
use rustls_pemfile::Item;
use std::{fs::File, io::BufReader};

pub fn load_certificates_from_pem(path: &str) -> Result<Vec<Certificate>> {
Expand All @@ -13,12 +15,13 @@ pub fn load_certificates_from_pem(path: &str) -> Result<Vec<Certificate>> {
pub fn load_private_key_from_pem(path: &str) -> Result<PrivateKey> {
let file = File::open(path)?;
let mut reader = BufReader::new(&file);
let mut keys = rustls_pemfile::pkcs8_private_keys(&mut reader)?;
if keys.is_empty() {
let mut reader = BufReader::new(&file);
keys = rustls_pemfile::rsa_private_keys(&mut reader)?;
}

let first_key = keys.first().context("failed to load private key")?;
Ok(PrivateKey(first_key.to_owned()))
let key = match rustls_pemfile::read_one(&mut reader).context("failed to read private key")? {
Some(Item::RSAKey(key)) => key,
Some(Item::PKCS8Key(key)) => key,
Some(Item::ECKey(key)) => key,
_ => bail!("unexpected private key"),
};

Ok(PrivateKey(key.to_owned()))
}

0 comments on commit 1db901f

Please sign in to comment.