Skip to content

Commit 83f807a

Browse files
ancwrd1ancwrd1
committed
Updated to latest rustls
1 parent 21f53dc commit 83f807a

File tree

4 files changed

+55
-54
lines changed

4 files changed

+55
-54
lines changed

Cargo.lock

Lines changed: 29 additions & 40 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

examples/client.rs

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ use std::{
77

88
use clap::Parser;
99
use rustls::{
10-
CertificateType, ClientConfig, ClientConnection, RootCertStore, Stream,
10+
CertificateType, ClientConfig, ClientConnection, PeerIdentity, RootCertStore, Stream,
1111
client::{ClientCredentialResolver, CredentialRequest},
1212
sign::{CertifiedKey, CertifiedSigner},
1313
};
@@ -52,8 +52,11 @@ impl ClientCredentialResolver for ClientCertResolver {
5252
if let Some(ref pin) = self.pin {
5353
signing_key.key().set_pin(pin).ok()?;
5454
}
55-
CertifiedKey::new_unchecked(chain.into(), Box::new(signing_key))
56-
.signer(server_hello.signature_schemes())
55+
CertifiedKey::new_unchecked(
56+
Arc::new(PeerIdentity::from_cert_chain(chain).ok()?),
57+
Box::new(signing_key),
58+
)
59+
.signer(server_hello.signature_schemes())
5760
}
5861

5962
fn supported_certificate_types(&self) -> &'static [CertificateType] {

examples/server.rs

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ use std::{
77

88
use clap::Parser;
99
use rustls::{
10-
RootCertStore, ServerConfig, ServerConnection, Stream,
10+
PeerIdentity, RootCertStore, ServerConfig, ServerConnection, Stream,
1111
server::{ClientHello, ServerCredentialResolver, WebPkiClientVerifier},
1212
sign::{CertifiedKey, CertifiedSigner},
1313
};
@@ -83,9 +83,12 @@ impl ServerCredentialResolver for ServerCertResolver {
8383
.map_err(|_| rustls::Error::NoSuitableCertificate)?;
8484
let certs = chain.into_iter().map(Into::into).collect();
8585

86-
CertifiedKey::new_unchecked(certs, Box::new(key))
87-
.signer(client_hello.signature_schemes())
88-
.ok_or_else(|| rustls::Error::General("No common schemes".to_owned()))
86+
CertifiedKey::new_unchecked(
87+
Arc::new(PeerIdentity::from_cert_chain(certs)?),
88+
Box::new(key),
89+
)
90+
.signer(client_hello.signature_schemes())
91+
.ok_or_else(|| rustls::Error::General("No common schemes".to_owned()))
8992
}
9093
}
9194

tests/test_client_server.rs

Lines changed: 13 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ mod client {
1111
};
1212

1313
use rustls::{
14-
CertificateType, ClientConfig, ClientConnection, RootCertStore, Stream,
14+
CertificateType, ClientConfig, ClientConnection, PeerIdentity, RootCertStore, Stream,
1515
client::{ClientCredentialResolver, CredentialRequest},
1616
sign::{CertifiedKey, CertifiedSigner},
1717
};
@@ -43,8 +43,11 @@ mod client {
4343
impl ClientCredentialResolver for ClientCertResolver {
4444
fn resolve(&self, server_hello: &CredentialRequest) -> Option<CertifiedSigner> {
4545
let (chain, signing_key) = get_chain(&self.0, &self.1).ok()?;
46-
CertifiedKey::new_unchecked(chain.into(), Box::new(signing_key))
47-
.signer(server_hello.signature_schemes())
46+
CertifiedKey::new_unchecked(
47+
Arc::new(PeerIdentity::from_cert_chain(chain).ok()?),
48+
Box::new(signing_key),
49+
)
50+
.signer(server_hello.signature_schemes())
4851
}
4952

5053
fn supported_certificate_types(&self) -> &'static [CertificateType] {
@@ -95,7 +98,7 @@ mod server {
9598
};
9699

97100
use rustls::{
98-
RootCertStore, ServerConfig, ServerConnection, Stream,
101+
PeerIdentity, RootCertStore, ServerConfig, ServerConnection, Stream,
99102
server::{ClientHello, ServerCredentialResolver, WebPkiClientVerifier},
100103
sign::{CertifiedKey, CertifiedSigner},
101104
};
@@ -128,9 +131,12 @@ mod server {
128131
.map_err(|_| rustls::Error::NoSuitableCertificate)?;
129132
let certs = chain.into_iter().map(Into::into).collect();
130133

131-
CertifiedKey::new_unchecked(certs, Box::new(key))
132-
.signer(client_hello.signature_schemes())
133-
.ok_or_else(|| rustls::Error::General("No common schemes".to_owned()))
134+
CertifiedKey::new_unchecked(
135+
Arc::new(PeerIdentity::from_cert_chain(certs)?),
136+
Box::new(key),
137+
)
138+
.signer(client_hello.signature_schemes())
139+
.ok_or_else(|| rustls::Error::General("No common schemes".to_owned()))
134140
}
135141
}
136142

0 commit comments

Comments
 (0)