unweb/tokio-gemini
1
2
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

docs: add doc-comments to rewritten certs::fingerprint

Browse source
This commit is contained in:
DarkCat09 2024-08-09 11:16:38 +04:00
parent 1fc73d0cab
commit 32895e5b65
Signed by: DarkCat09
GPG key ID: 0A26CD5B3345D6E3
1 changed files with 21 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
src/certs/fingerprint.rs
View file

@ -13,17 +13,30 @@ pub const SHA512_HEX_LEN: usize = 128; // (512 / 8) * 2
pub const SHA256_B64_LEN: usize = 44; // 4 * ((256 / 8) as f64 / 3 as f64).ceil() pub const SHA256_B64_LEN: usize = 44; // 4 * ((256 / 8) as f64 / 3 as f64).ceil()
pub const SHA512_B64_LEN: usize = 88; // 4 * ((512 / 8) as f64 / 3 as f64).ceil() pub const SHA512_B64_LEN: usize = 88; // 4 * ((512 / 8) as f64 / 3 as f64).ceil()
/// Supported hashing algorithms
#[derive(Debug, Clone, Copy)] #[derive(Debug, Clone, Copy)]
pub enum HashAlgo { pub enum HashAlgo {
Sha256, Sha256,
Sha512, Sha512,
} }
/// Structure holding a TLS cert hash
/// and providing bin2text methods,
/// mostly for use in [`crate::certs::SelfsignedCertVerifier`]
pub struct CertFingerprint<T: Digest> { pub struct CertFingerprint<T: Digest> {
hash: sha2::digest::Output<T>, hash: sha2::digest::Output<T>,
} }
impl<T: Digest> CertFingerprint<T> { impl<T: Digest> CertFingerprint<T> {
/// Generate a TLS cert hash.
///
/// # Examples
/// ```
/// use tokio_gemini::certs::fingerprint::{CertFingerprint, Sha256};
///
/// let hash = CertFingerprint::<Sha256>::new(rustls_cert);
/// let fingerprint = hash.base64();
/// ```
pub fn new(cert: &CertificateDer) -> Self { pub fn new(cert: &CertificateDer) -> Self {
let mut hasher = T::new(); let mut hasher = T::new();
for chunk in cert.chunks(128) { for chunk in cert.chunks(128) {
@ -36,11 +49,15 @@ impl<T: Digest> CertFingerprint<T> {
} }
impl CertFingerprint<Sha256> { impl CertFingerprint<Sha256> {
/// Encode the TLS cert SHA-256 hash as HEX (base16).
/// Resulting string is 64 bytes length.
pub fn hex(&self) -> String { pub fn hex(&self) -> String {
let mut buf = [0u8; SHA256_HEX_LEN]; let mut buf = [0u8; SHA256_HEX_LEN];
b16::encode_str(&self.hash, &mut buf).unwrap().to_owned() b16::encode_str(&self.hash, &mut buf).unwrap().to_owned()
} }
/// Encode the TLS cert SHA-256 hash as base64.
/// Resulting string is 44 bytes length.
pub fn base64(&self) -> String { pub fn base64(&self) -> String {
let mut buf = [0u8; SHA256_B64_LEN]; let mut buf = [0u8; SHA256_B64_LEN];
b64::encode(&self.hash, &mut buf).unwrap().to_owned() b64::encode(&self.hash, &mut buf).unwrap().to_owned()
@ -48,11 +65,15 @@ impl CertFingerprint<Sha256> {
} }
impl CertFingerprint<Sha512> { impl CertFingerprint<Sha512> {
/// Encode the TLS cert SHA-512 hash as HEX (base16).
/// Resulting string is 128 bytes length.
pub fn hex(&self) -> String { pub fn hex(&self) -> String {
let mut buf = [0u8; SHA512_HEX_LEN]; let mut buf = [0u8; SHA512_HEX_LEN];
b16::encode_str(&self.hash, &mut buf).unwrap().to_owned() b16::encode_str(&self.hash, &mut buf).unwrap().to_owned()
} }
/// Encode the TLS cert SHA-512 hash as base64.
/// Resulting string is 88 bytes length.
pub fn base64(&self) -> String { pub fn base64(&self) -> String {
let mut buf = [0u8; SHA512_B64_LEN]; let mut buf = [0u8; SHA512_B64_LEN];
b64::encode(&self.hash, &mut buf).unwrap().to_owned() b64::encode(&self.hash, &mut buf).unwrap().to_owned()