Parse PKCS8 and RSA keys separately

Frank Denis 2021-02-15 00:00:57 +01:00
parent c3f724118c
commit 9f092224cd


@ -3,7 +3,7 @@ use crate::{DoH, LocalExecutor};
use hyper::server::conn::Http;
use std::fs::File;
use std::io::{self, BufReader};
use std::io::{self, BufReader, Cursor, Read};
use std::path::Path;
use std::sync::Arc;
use tokio::net::TcpListener;
@ -38,22 +38,37 @@ where
};
let certs_keys = {
let certs_keys_path_str = certs_keys_path.as_ref().display().to_string();
let mut reader = BufReader::new(File::open(certs_keys_path).map_err(|e| {
io::Error::new(
e.kind(),
format!(
"Unable to load the certificate keys [{}]: {}",
certs_keys_path_str,
e.to_string()
),
)
})?);
let keys = pemfile::pkcs8_private_keys(&mut reader).map_err(|_| {
let encoded_keys = {
let mut encoded_keys = vec![];
File::open(certs_keys_path)
.map_err(|e| {
io::Error::new(
e.kind(),
format!(
"Unable to load the certificate keys [{}]: {}",
certs_keys_path_str,
e.to_string()
),
)
})?
.read_to_end(&mut encoded_keys)?;
encoded_keys
};
let mut reader = Cursor::new(encoded_keys);
let pkcs8_keys = pemfile::pkcs8_private_keys(&mut reader).map_err(|_| {
io::Error::new(
io::ErrorKind::InvalidInput,
"Unable to parse the certificates private keys",
"Unable to parse the certificates private keys (PKCS8)",
)
})?;
let mut rsa_keys = pemfile::rsa_private_keys(&mut reader).map_err(|_| {
io::Error::new(
io::ErrorKind::InvalidInput,
"Unable to parse the certificates private keys (RSA)",
)
})?;
let mut keys = pkcs8_keys;
keys.append(&mut rsa_keys);
if keys.is_empty() {
return Err(io::Error::new(
io::ErrorKind::InvalidInput,
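Review bot: The second parse, `pemfile::rsa_private_keys(&mut reader)`, reuses the `Cursor` that `pemfile::pkcs8_private_keys` has just read, and nothing in the hunk rewinds it in between. If the PKCS8 pass reads the buffer to the end while scanning for PEM sections (which it presumably does), the RSA pass sees no input and returns an empty list. A key file holding only a traditional RSA private key would then hit the `keys.is_empty()` error, even though this commit is meant to accept it. Adding `reader.set_position(0);` between the two calls would fix that. Separately, `encoded_keys` now keeps the whole private-key file in a heap `Vec` that is dropped without being cleared, so it may be worth overwriting it once parsing is done; the enclosing block starts and ends outside the hunk.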