authorAlex Auvolat <alex@adnab.me>2020-04-12 15:51:19 +0200
committerAlex Auvolat <alex@adnab.me>2020-04-12 15:51:19 +0200
commitd1e8f78b2cd28f4514ad6f7d54aae6aaa4ef3f15 (patch)
tree74ac969472fad3baa8f5a3cdac6bfc6b3846d2e3 /src/tls_util.rs
parent5967c5a5af430855fbd73f380041d63bd82f5ce1 (diff)
Trying to do TLS
Diffstat (limited to 'src/tls_util.rs')
-rw-r--r--src/tls_util.rs46
1 files changed, 46 insertions, 0 deletions
diff --git a/src/tls_util.rs b/src/tls_util.rs
new file mode 100644
index 00000000..a9e16c53
--- /dev/null
+++ b/src/tls_util.rs
@@ -0,0 +1,46 @@
+use std::{fs, io};
+
+use rustls::internal::pemfile;
+
+use crate::error::Error;
+
+pub fn load_certs(filename: &str) -> Result<Vec<rustls::Certificate>, Error> {
+ let certfile = fs::File::open(&filename)?;
+ let mut reader = io::BufReader::new(certfile);
+
+ let certs = pemfile::certs(&mut reader).map_err(|_| {
+ Error::Message(format!(
+ "Could not deecode certificates from file: {}",
+ filename
+ ))
+ })?;
+
+ if certs.is_empty() {
+ return Err(Error::Message(format!(
+ "Invalid certificate file: {}",
+ filename
+ )));
+ }
+ Ok(certs)
+}
+
+pub fn load_private_key(filename: &str) -> Result<rustls::PrivateKey, Error> {
+ let keyfile = fs::File::open(&filename)?;
+ let mut reader = io::BufReader::new(keyfile);
+
+ let keys = pemfile::rsa_private_keys(&mut reader).map_err(|_| {
+ Error::Message(format!(
+ "Could not decode private key from file: {}",
+ filename
+ ))
+ })?;
+
+ if keys.len() != 1 {
+ return Err(Error::Message(format!(
+ "Invalid private key file: {} ({} private keys)",
+ filename,
+ keys.len()
+ )));
+ }
+ Ok(keys[0].clone())
+}
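Review bot: `load_private_key` only calls `pemfile::rsa_private_keys`, which picks up PKCS#1 `BEGIN RSA PRIVATE KEY` blocks, so a PKCS#8 key file (`BEGIN PRIVATE KEY`, the default output of current OpenSSL tooling) is rejected with the misleading "Invalid private key file: … (0 private keys)". Assuming the pinned rustls version exposes `pkcs8_private_keys` in the same `pemfile` module, try it first and fall back to the RSA parser; the file has to be reopened because the first pass consumes the reader. The "0 private keys" message would also help operators more if it named the PEM formats that are accepted. Separately, the error string in `load_certs` has a typo, "deecode", which will defeat log searches for "decode".

```rust
pub fn load_private_key(filename: &str) -> Result<rustls::PrivateKey, Error> {
    let decode_err =
        |_| Error::Message(format!("Could not decode private key from file: {}", filename));

    // PKCS#8 ("BEGIN PRIVATE KEY") first, then PKCS#1 ("BEGIN RSA PRIVATE KEY").
    let mut reader = io::BufReader::new(fs::File::open(filename)?);
    let mut keys = pemfile::pkcs8_private_keys(&mut reader).map_err(decode_err)?;
    if keys.is_empty() {
        // The first pass consumed the reader, so reopen the file.
        let mut reader = io::BufReader::new(fs::File::open(filename)?);
        keys = pemfile::rsa_private_keys(&mut reader).map_err(decode_err)?;
    }
    // … unchanged: keys.len() != 1 check and Ok(keys[0].clone()) …
```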