book: merge certificate code files

Author: djc

docs/book/Cargo.toml

@@ -20,10 +20,6 @@ rustls-pemfile.workspace = true
 name = "certificate-insecure"
 path = "src/quinn/certificate-insecure.rs"
 
-[[bin]]
-name = "certificate-certsr"
-path = "src/quinn/certificate-certs.rs"
-
 [[bin]]
 name = "data-transfer"
 path = "src/quinn/data-transfer.rs"

docs/book/src/quinn/certificate-certs.rs

@@ -1,9 +1,10 @@
-use std::sync::Arc;
+use std::{error::Error, sync::Arc};
 
 use quinn::{
     ClientConfig,
     crypto::rustls::{NoInitialCipherSuite, QuicClientConfig},
 };
+use rustls::pki_types::pem::PemObject;
 
 // Implementation of `ServerCertVerifier` that verifies everything as trustworthy.
 #[derive(Debug)]
@@ -71,4 +72,38 @@ fn configure_client() -> Result<ClientConfig, NoInitialCipherSuite> {
     )?)))
 }
 
-fn main() {}
+fn read_certs_from_file() -> Result<
+    (
+        Vec<rustls::pki_types::CertificateDer<'static>>,
+        rustls::pki_types::PrivateKeyDer<'static>,
+    ),
+    Box<dyn Error>,
+> {
+    let certs = rustls::pki_types::CertificateDer::pem_file_iter("./fullchain.pem")
+        .unwrap()
+        .map(|cert| cert.unwrap())
+        .collect();
+    let key = rustls::pki_types::PrivateKeyDer::from_pem_file("./privkey.pem").unwrap();
+    Ok((certs, key))
+}
+
+fn generate_self_signed_cert() -> Result<
+    (
+        rustls::pki_types::CertificateDer<'static>,
+        rustls::pki_types::PrivatePkcs8KeyDer<'static>,
+    ),
+    Box<dyn Error>,
+> {
+    let cert = rcgen::generate_simple_self_signed(vec!["localhost".to_string()])?;
+    let cert_der = rustls::pki_types::CertificateDer::from(cert.cert);
+    let key = rustls::pki_types::PrivatePkcs8KeyDer::from(cert.key_pair.serialize_der());
+    Ok((cert_der, key))
+}
+
+#[allow(unused_variables)]
+fn main() {
+    let (self_signed_certs, self_signed_key) = generate_self_signed_cert().unwrap();
+    let (certs, key) = read_certs_from_file().unwrap();
+    let server_config = quinn::ServerConfig::with_single_cert(certs, key);
+    let client_config = quinn::ClientConfig::with_platform_verifier();
+}

docs/book/src/quinn/certificate-insecure.rs

@@ -45,7 +45,7 @@ This example uses [rcgen][4] to generate a certificate.
 Let's look at an example:
 
 ```rust
-{{#include certificate-certs.rs:20:31}}
+{{#include certificate-insecure.rs:90:101}}
 ```
 
 *Note that [generate_simple_self_signed][generate_simple_self_signed] returns a [Certificate][2] that can be serialized to both `.der` and `.pem` formats.*
@@ -68,7 +68,7 @@ certbot asks for the required data and writes the certificates to `fullchain.pem
 These files can then be referenced in code.
 
 ```rust
-{{#include certificate-certs.rs:5:18}}
+{{#include certificate-insecure.rs:75:88}}
 ```
 
 ### Configuring Certificates
@@ -79,15 +79,15 @@ After configuring plug the configuration into the `Endpoint`.
 **Configure Server**
 
 ```rust
-{{#include certificate-certs.rs:36}}
+{{#include certificate-insecure.rs:107}}
 ```
 
 This is the only thing you need to do for your server to be secured.
 
 **Configure Client**
 
 ```rust
-{{#include certificate-certs.rs:37}}
+{{#include certificate-insecure.rs:108}}
 ```
 
 This is the only thing you need to do for your client to trust a server certificate signed by a conventional certificate authority.