Skip to content

Commit 974806b

Browse files
BiagioFestaBiagioFesta
committed
migration from rustls-pemfile to rustls-pki-types
1 parent 84ce91b commit 974806b

File tree

2 files changed

+39
-23
lines changed

2 files changed

+39
-23
lines changed

wtransport/Cargo.toml

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -35,8 +35,7 @@ quinn = { version = "0.11.6", default-features = false, features = ["runtime-tok
3535
rcgen = { version = "0.14.5", default-features = false, optional = true }
3636
rustls = { version = "0.23.23", default-features = false }
3737
rustls-native-certs = "0.8.0"
38-
rustls-pemfile = "2.1.3"
39-
rustls-pki-types = "1.8.0"
38+
rustls-pki-types = "1.13.2"
4039
sha2 = "0.10.8"
4140
socket2 = "0.5.3"
4241
thiserror = "2.0.3"

wtransport/src/tls.rs

Lines changed: 38 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ use error::PemLoadError;
44
use pem::encode as pem_encode;
55
use pem::Pem;
66
use rustls::RootCertStore;
7+
use rustls_pki_types::pem::PemObject;
78
use rustls_pki_types::CertificateDer;
89
use rustls_pki_types::PrivateKeyDer;
910
use rustls_pki_types::PrivatePkcs8KeyDer;
@@ -47,15 +48,23 @@ impl Certificate {
4748
error: io_error,
4849
})?;
4950

50-
let cert = rustls_pemfile::certs(&mut &*file_data)
51-
.next()
52-
.ok_or(PemLoadError::NoCertificateSection)?
53-
.map_err(|io_error| PemLoadError::FileError {
54-
file: filepath.as_ref().to_path_buf(),
55-
error: io_error,
56-
})?;
51+
let der = CertificateDer::from_pem_slice(&file_data).map_err(|error| {
52+
if let rustls_pki_types::pem::Error::NoItemsFound = error {
53+
PemLoadError::NoCertificateSection
54+
} else {
55+
PemLoadError::FileError {
56+
file: filepath.as_ref().to_path_buf(),
57+
error: std::io::Error::other(error),
58+
}
59+
}
60+
})?;
5761

58-
Ok(Self(cert))
62+
Self::from_der(der.to_vec()).map_err(|invalid_certificate| {
63+
PemLoadError::InvalidCertificateChain {
64+
index: 0,
65+
error: invalid_certificate,
66+
}
67+
})
5968
}
6069

6170
/// Stores the certificate in PEM format into a file asynchronously.
@@ -137,14 +146,18 @@ impl PrivateKey {
137146
error: io_error,
138147
})?;
139148

140-
let private_key = rustls_pemfile::private_key(&mut &*file_data)
141-
.map_err(|io_error| PemLoadError::FileError {
142-
file: filepath.as_ref().to_path_buf(),
143-
error: io_error,
144-
})?
145-
.map(Self);
149+
let private_key = PrivateKeyDer::from_pem_slice(&file_data).map_err(|error| {
150+
if let rustls_pki_types::pem::Error::NoItemsFound = error {
151+
PemLoadError::NoPrivateKeySection
152+
} else {
153+
PemLoadError::FileError {
154+
file: filepath.as_ref().to_path_buf(),
155+
error: std::io::Error::other(error),
156+
}
157+
}
158+
})?;
146159

147-
private_key.ok_or(PemLoadError::NoPrivateKeySection)
160+
Ok(Self(private_key))
148161
}
149162

150163
/// Stores the private key in PEM format into a file asynchronously.
@@ -206,14 +219,18 @@ impl CertificateChain {
206219
error: io_error,
207220
})?;
208221

209-
let certificates = rustls_pemfile::certs(&mut &*file_data)
222+
let certificates = CertificateDer::pem_slice_iter(&file_data)
210223
.enumerate()
211-
.map(|(index, maybe_cert)| match maybe_cert {
212-
Ok(cert) => Certificate::from_der(cert.to_vec())
213-
.map_err(|error| PemLoadError::InvalidCertificateChain { index, error }),
214-
Err(io_error) => Err(PemLoadError::FileError {
224+
.map(|(index, maybe_der)| match maybe_der {
225+
Ok(der) => Certificate::from_der(der.to_vec()).map_err(|invalid_certificate| {
226+
PemLoadError::InvalidCertificateChain {
227+
index,
228+
error: invalid_certificate,
229+
}
230+
}),
231+
Err(error) => Err(PemLoadError::FileError {
215232
file: filepath.as_ref().to_path_buf(),
216-
error: io_error,
233+
error: std::io::Error::other(error),
217234
}),
218235
})
219236
.collect::<Result<Vec<_>, _>>()?;

0 commit comments

Comments
 (0)