Skip to content

Commit

Permalink
Improve input type explanation
Browse files Browse the repository at this point in the history
  • Loading branch information
djc committed Mar 15, 2024
1 parent b24e286 commit 36ab557
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 17 deletions.
8 changes: 4 additions & 4 deletions rcgen/src/certificate.rs
Original file line number Diff line number Diff line change
Expand Up @@ -248,11 +248,11 @@ impl CertificateParams {
/// for the presence of the `BasicConstraints` extension, or perform any other
/// validation.
///
/// You can use [`rustls_pemfile::certs`] to get the `ca_cert` input. If
/// you have already a byte slice, just calling `into()` and taking a reference
/// will convert it to [`CertificateDer`].
/// [`rustls_pemfile::certs()`] is often used to obtain a [`CertificateDer`] from PEM input.
/// If you alread have a byte slice containing DER, it can trivially be converted into
/// [`CertificateDer`] using the [`Into`] trait.
///
/// [`rustls_pemfile::certs`]: https://docs.rs/rustls-pemfile/latest/rustls_pemfile/fn.certs.html
/// [`rustls_pemfile::certs()`]: https://docs.rs/rustls-pemfile/latest/rustls_pemfile/fn.certs.html
#[cfg(feature = "x509-parser")]
pub fn from_ca_cert_der(ca_cert: &CertificateDer<'_>) -> Result<Self, Error> {
let (_remainder, x509) = x509_parser::parse_x509_certificate(ca_cert)
Expand Down
8 changes: 4 additions & 4 deletions rcgen/src/csr.rs
Original file line number Diff line number Diff line change
Expand Up @@ -47,11 +47,11 @@ impl CertificateSigningRequestParams {
/// Currently, this only supports the `Subject Alternative Name` extension.
/// On encountering other extensions, this function will return an error.
///
/// You can use [`rustls_pemfile::csr`] to get the `csr` input. If
/// you have already a byte slice, just calling `into()` and taking a reference
/// will convert it to [`CertificateSigningRequestDer`].
/// [`rustls_pemfile::csr()`] is often used to obtain a [`CertificateSigningRequestDer`] from
/// PEM input. If you alread have a byte slice containing DER, it can trivially be converted
/// into [`CertificateSigningRequestDer`] using the [`Into`] trait.
///
/// [`rustls_pemfile::csr`]: https://docs.rs/rustls-pemfile/latest/rustls_pemfile/fn.csr.html
/// [`rustls_pemfile::csr()`]: https://docs.rs/rustls-pemfile/latest/rustls_pemfile/fn.csr.html
#[cfg(feature = "x509-parser")]
pub fn from_der(csr: &CertificateSigningRequestDer<'_>) -> Result<Self, Error> {
use x509_parser::prelude::FromDer;
Expand Down
22 changes: 13 additions & 9 deletions rcgen/src/key_pair.rs
Original file line number Diff line number Diff line change
Expand Up @@ -202,16 +202,18 @@ impl KeyPair {

/// Obtains the key pair from a DER formatted key using the specified [`SignatureAlgorithm`]
///
/// You can use [`rustls_pemfile::private_key`] to get the `pkcs8` input. If
/// you have already a byte slice, just calling `into()` and taking a reference
/// will convert it to a [`PrivatePkcs8KeyDer`].
///
/// If you have a [`PrivatePkcs8KeyDer`], you can usually rely on the [`TryFrom`] implementation
/// to obtain a [`KeyPair`] -- it will determine the correct [`SignatureAlgorithm`] for you.
/// However, sometimes multiple signature algorithms fit for the same DER key. In those instances,
/// you can use this function to precisely specify the `SignatureAlgorithm`.
///
/// [`rustls_pemfile::private_key`]: https://docs.rs/rustls-pemfile/latest/rustls_pemfile/fn.private_key.html
/// [`rustls_pemfile::private_key()`] is often used to obtain a [`PrivateKeyDer`] from PEM
/// input. If the obtained [`PrivateKeyDer`] is a `Pkcs8` variant, you can use its contents
/// as input for this function. Alternatively, if you alread have a byte slice containing DER,
/// it can trivially be converted into [`PrivatePkcs8KeyDer`] using the [`Into`] trait.
///
/// [`rustls_pemfile::private_key()`]: https://docs.rs/rustls-pemfile/latest/rustls_pemfile/fn.private_key.html
/// [`PrivateKeyDer`]: https://docs.rs/rustls-pki-types/latest/rustls_pki_types/enum.PrivateKeyDer.html
#[cfg(feature = "crypto")]
pub fn from_der_and_sign_algo(
pkcs8: &PrivatePkcs8KeyDer<'_>,
Expand Down Expand Up @@ -259,11 +261,13 @@ impl KeyPair {

/// Parses the key pair from the DER format
///
/// You can use [`rustls_pemfile::private_key`] to get the `pkcs8` input. If
/// you have already a byte slice, just calling `into()` and taking a reference
/// will convert it to a [`PrivatePkcs8KeyDer`].
/// [`rustls_pemfile::private_key()`] is often used to obtain a [`PrivateKeyDer`] from PEM
/// input. If the obtained [`PrivateKeyDer`] is a `Pkcs8` variant, you can use its contents
/// as input for this function. Alternatively, if you alread have a byte slice containing DER,
/// it can trivially be converted into [`PrivatePkcs8KeyDer`] using the [`Into`] trait.
///
/// [`rustls_pemfile::private_key`]: https://docs.rs/rustls-pemfile/latest/rustls_pemfile/fn.private_key.html
/// [`rustls_pemfile::private_key()`]: https://docs.rs/rustls-pemfile/latest/rustls_pemfile/fn.private_key.html
/// [`PrivateKeyDer`]: https://docs.rs/rustls-pki-types/latest/rustls_pki_types/enum.PrivateKeyDer.html
#[cfg(feature = "crypto")]
pub(crate) fn from_raw(
pkcs8: &PrivatePkcs8KeyDer,
Expand Down

0 comments on commit 36ab557

Please sign in to comment.