Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependencies #48

Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Update dependencies #48

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
efeb506
Update `env_logger` dependency
elprans Feb 19, 2024
9bdc8af
gitignore
aljazerzen Apr 25, 2024
20731c3
Update `pem` dependency
aljazerzen Apr 25, 2024
e4dcdbc
Remove `untrusted` dependency
aljazerzen Apr 25, 2024
52cca69
Update `cfg-if` and `winapi` dependencies
aljazerzen Apr 25, 2024
4af3675
Update `webpki-roots` dependency
aljazerzen Apr 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,5 +7,11 @@ Cargo.lock

**/*.iml
.idea
.vscode

.*.swp

flake.nix
flake.lock
.envrc
.direnv/
5 changes: 2 additions & 3 deletions api-test/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,12 +17,11 @@ travis-ci = { repository = "https://github.com/stepancheg/rust-tls-api/", branch
[dependencies]
tls-api = { path = "../api", version = "=0.10.0-pre", default-features = false }
log = "0.4"
env_logger = "0.5"
env_logger = "0.11.2"
anyhow = "1.0.44"

pem = "0.8.3"
pem = "3.0.4"
webpki = "0.22.0"
untrusted = "0.6.*"

tokio = { version = "1.2.0", features = ["net", "io-util", "rt", "rt-multi-thread"], optional = true }
async-std = { version = "1.9.0", features = ["attributes"], optional = true }
Expand Down
2 changes: 1 addition & 1 deletion api/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ bench = false
travis-ci = { repository = "https://github.com/stepancheg/rust-tls-api/", branch = "master" }

[dependencies]
pem = "0.8.3"
pem = "3.0.4"
tempfile = "3.3.0"
anyhow = "1.0.44"
thiserror = "1.0.30"
Expand Down
25 changes: 10 additions & 15 deletions api/src/openssl.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,15 +17,10 @@ pub(crate) fn der_to_pkcs12(cert: &[u8], key: &[u8]) -> anyhow::Result<(Vec<u8>,
let passphrase = "tls-api-123";

let pem_data = pem::encode_many(&[
pem::Pem {
tag: "CERTIFICATE".to_owned(),
contents: cert.to_owned(),
},
pem::Pem {
// Technically it can be non-RSA PRIVATE KEY
tag: "RSA PRIVATE KEY".to_owned(),
contents: key.to_owned(),
},
pem::Pem::new("CERTIFICATE", cert.to_vec()),

// Technically it can be non-RSA PRIVATE KEY
pem::Pem::new("RSA PRIVATE KEY", key.to_vec()),
]);

fs::write(&cert_file, pem_data)?;
Expand Down Expand Up @@ -84,25 +79,25 @@ pub(crate) fn pkcs12_to_der(pkcs12: &[u8], passphrase: &str) -> anyhow::Result<(
}

let cert_pem = fs::read_to_string(cert_pem_file)?;
let pems = pem::parse_many(cert_pem);
let pems = pem::parse_many(cert_pem)?;
let mut certificates: Vec<Vec<u8>> = pems
.iter()
.flat_map(|p| match p.tag.as_str() {
"CERTIFICATE" => Some(p.contents.clone()),
.flat_map(|p| match p.tag() {
"CERTIFICATE" => Some(p.contents().to_vec()),
_ => None,
})
.collect();
let mut keys: Vec<Vec<u8>> = pems
.iter()
.flat_map(|p| match p.tag.as_str() {
"PRIVATE KEY" | "RSA PRIVATE KEY" => Some(p.contents.clone()),
.flat_map(|p| match p.tag() {
"PRIVATE KEY" | "RSA PRIVATE KEY" => Some(p.contents().to_vec()),
_ => None,
})
.collect();
if keys.len() != 1 || certificates.len() != 1 {
return Err(
crate::CommonError::PemFromPkcs12ContainsNotSingleCertKeyPair(
pems.iter().map(|p| p.tag.clone()).collect(),
pems.iter().map(|p| p.tag().to_string()).collect(),
)
.into(),
);
Expand Down
6 changes: 3 additions & 3 deletions examples/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,8 @@ runtime-tokio = [
]

[dev-dependencies]
env_logger = { version = "0.5", default-features = false }
cfg-if = "0.1"
env_logger = { version = "0.11.2", default-features = false }
cfg-if = "1.0.0"
tokio = { version = "1.2.0", features = ["net"] }

[target.'cfg(all(not(target_os = "macos"), not(windows), not(target_os = "ios")))'.dev-dependencies]
Expand All @@ -58,4 +58,4 @@ advapi32-sys = "0.2"
crypt32-sys = "0.2"
kernel32-sys = "0.2"
schannel = "0.1"
winapi = "0.2"
winapi = "0.3.9"
2 changes: 1 addition & 1 deletion impl-rustls/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ travis-ci = { repository = "https://github.com/stepancheg/rust-tls-api/", branch
[dependencies]
rustls = { version = "0.20.0", features = ["dangerous_configuration"] }
webpki = "0.22.0"
webpki-roots = "0.22.0"
webpki-roots = "0.26.1"
tokio = { version = "1.2.0", features = [], optional = true }
async-std = { version = "1.9.0", features = ["attributes"], optional = true }
anyhow = "1.0.44"
Expand Down
2 changes: 1 addition & 1 deletion impl-rustls/examples/server.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ use test_cert_gen::pem_to_cert_key_pair;
use tls_api::runtime::AsyncWriteExt;

async fn run() {
let (cert, key) = pem_to_cert_key_pair(fs::read_to_string("server.pem").unwrap().as_bytes());
let (cert, key) = pem_to_cert_key_pair(fs::read_to_string("server.pem").unwrap().as_bytes()).unwrap();

let builder =
tls_api_rustls::TlsAcceptor::builder_from_der_key(cert.get_der(), key.get_der()).unwrap();
Expand Down
8 changes: 4 additions & 4 deletions impl-rustls/src/connector.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -145,11 +145,11 @@ impl tls_api::TlsConnector for TlsConnector {

fn builder() -> anyhow::Result<TlsConnectorBuilder> {
let mut roots = rustls::RootCertStore::empty();
roots.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.0.iter().map(|ta| {
roots.add_server_trust_anchors(webpki_roots::TLS_SERVER_ROOTS.iter().map(|ta| {
rustls::OwnedTrustAnchor::from_subject_spki_name_constraints(
ta.subject,
ta.spki,
ta.name_constraints,
ta.subject.as_ref(),
ta.subject_public_key_info.as_ref(),
ta.name_constraints.as_ref().map(|x| x.as_ref()),
)
}));
let config = rustls::ClientConfig::builder()
Expand Down
2 changes: 1 addition & 1 deletion test-cert-gen/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,5 +11,5 @@ bench = false

[dependencies]
tempfile = "3.3.0"
pem = "0.8.3"
pem = "3.0.4"
once_cell = "1.10.0"
40 changes: 17 additions & 23 deletions test-cert-gen/src/cert.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,18 +26,18 @@ impl Cert {
}

/// Construct from PEM-DER-encoded.
pub fn from_pem(cert_der_pem: impl AsRef<[u8]>) -> Cert {
let pem = pem::parse_many(cert_der_pem.as_ref());
pub fn from_pem(cert_der_pem: impl AsRef<[u8]>) -> Result<Cert, pem::PemError> {
let pem = pem::parse_many(cert_der_pem.as_ref())?;
let count = pem.len();
let mut certs: Vec<Cert> = pem
.into_iter()
.flat_map(|p| match p.tag == "CERTIFICATE" {
true => Some(Self::from_der(p.contents)),
.flat_map(|p| match p.tag() == "CERTIFICATE" {
true => Some(Self::from_der(p.contents())),
false => None,
})
.collect();
if certs.len() == 1 {
return certs.swap_remove(0);
return Ok(certs.swap_remove(0));
} else if certs.len() > 1 {
panic!("PEM file contains {} certificates", certs.len());
} else if count != 0 {
Expand All @@ -59,10 +59,7 @@ impl Cert {

/// Convert a certificate to PEM format.
pub fn to_pem(&self) -> String {
pem::encode(&pem::Pem {
tag: "CERTIFICATE".to_owned(),
contents: self.0.clone(),
})
pem::encode(&pem::Pem::new("CERTIFICATE", self.0.to_vec()))
}
}

Expand All @@ -89,18 +86,18 @@ impl PrivateKey {
/// Construct a private key from PEM text file.
///
/// This operation returns an error if PEM file contains zero or more than one certificate.
pub fn from_pem(key_pem: impl AsRef<[u8]>) -> PrivateKey {
let pem = pem::parse_many(key_pem.as_ref());
pub fn from_pem(key_pem: impl AsRef<[u8]>) -> Result<PrivateKey, pem::PemError> {
let pem = pem::parse_many(key_pem.as_ref())?;
let count = pem.len();
let mut keys: Vec<PrivateKey> = pem
.into_iter()
.flat_map(|p| match p.tag.as_ref() {
"PRIVATE KEY" | "RSA PRIVATE KEY" => Some(Self::from_der(p.contents)),
.flat_map(|p| match p.tag() {
"PRIVATE KEY" | "RSA PRIVATE KEY" => Some(Self::from_der(p.contents())),
_ => None,
})
.collect();
if keys.len() == 1 {
return keys.swap_remove(0);
return Ok(keys.swap_remove(0));
} else if keys.len() > 1 {
panic!("PEM file contains {} private keys", keys.len());
} else if count != 0 {
Expand All @@ -121,25 +118,22 @@ impl PrivateKey {
/// without verifying that the private key is actually RSA.
#[doc(hidden)]
pub fn to_pem_incorrect(&self) -> String {
pem::encode(&pem::Pem {
tag: "RSA PRIVATE KEY".to_owned(),
contents: self.0.clone(),
})
pem::encode(&pem::Pem::new("RSA PRIVATE KEY", self.0.clone()))
}
}

/// Parse PEM file into a pair of certificate and private key.
pub fn pem_to_cert_key_pair(pem: &[u8]) -> (Cert, PrivateKey) {
let entries = pem::parse_many(pem);
pub fn pem_to_cert_key_pair(pem: &[u8]) -> Result<(Cert, PrivateKey), pem::PemError> {
let entries = pem::parse_many(pem)?;
if entries.len() != 2 {
panic!(
"PEM file should contain certificate and private key entries, got {} entries",
entries.len()
);
}
let cert = Cert::from_pem(pem);
let key = PrivateKey::from_pem(pem);
(cert, key)
let cert = Cert::from_pem(pem)?;
let key = PrivateKey::from_pem(pem)?;
Ok((cert, key))
}

/// DER-encoded
Expand Down
16 changes: 8 additions & 8 deletions test-cert-gen/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -107,12 +107,12 @@ fn gen_root_ca() -> CertAndPrivateKey {
let cert = fs::read_to_string(&certfile).unwrap();
let key = fs::read_to_string(&keyfile).unwrap();

assert_eq!(1, pem::parse_many(cert.as_bytes()).len());
assert_eq!(1, pem::parse_many(key.as_bytes()).len());
assert_eq!(1, pem::parse_many(cert.as_bytes()).unwrap().len());
assert_eq!(1, pem::parse_many(key.as_bytes()).unwrap().len());

CertAndPrivateKey {
cert: Cert::from_pem(&cert),
key: PrivateKey::from_pem(&key),
cert: Cert::from_pem(&cert).unwrap(),
key: PrivateKey::from_pem(&key).unwrap(),
}
}

Expand Down Expand Up @@ -220,12 +220,12 @@ fn gen_cert_for_domain(domain: &str, ca: &CertAndPrivateKey) -> CertAndPrivateKe
let cert = fs::read_to_string(&cert_path).unwrap();

// verify
assert_eq!(1, pem::parse_many(cert.as_bytes()).len());
assert_eq!(1, pem::parse_many(key.as_bytes()).len());
assert_eq!(1, pem::parse_many(cert.as_bytes()).unwrap().len());
assert_eq!(1, pem::parse_many(key.as_bytes()).unwrap().len());

CertAndPrivateKey {
cert: Cert::from_pem(&cert),
key: PrivateKey::from_pem(&key),
cert: Cert::from_pem(&cert).unwrap(),
key: PrivateKey::from_pem(&key).unwrap(),
}
}

Expand Down