scl_lib/
tls_config.rs

1// SPDX-License-Identifier: EUPL-1.2
2use std::{
3    fs::File,
4    io::{self, Read},
5    path::PathBuf,
6};
7
8use serde::{Deserialize, Serialize};
9
/// Locations of the PEM files used for mutually authenticated TLS towards the SCL API.
///
/// Only paths are stored here, so (de)serializing this struct never touches the key or
/// certificate contents themselves.
#[derive(Serialize, Deserialize, Debug)]
pub struct TlsConfigFiles {
    /// CA bundle with the PEM-encoded TLS root certificates used to authenticate the SCL API.
    pub ca_cert_file: PathBuf,
    /// Client certificate, PEM-encoded.
    pub client_cert_file: PathBuf,
    /// Client private key, PEM-encoded. This file holds secret material.
    pub client_key_file: PathBuf,
    /// Optional certificate revocation list, PEM-encoded. `None` means no CRL is configured.
    pub crl_file: Option<PathBuf>,
}
22
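/// Key and certificate data for TLS authentication.
///
/// All fields are the raw file contents as read by `TlsConfigFiles::read_files`; they are
/// expected to be PEM, but nothing in this type validates that.
///
/// `client_key` is private key material held in an ordinary `Vec<u8>`: it is not cleared when
/// the value is dropped, and moving or cloning the vector can leave copies in memory. Keep
/// instances short-lived and never write the key bytes to logs.
pub struct TlsConfig {
    /// Root certificates used to authenticate the server.
    pub ca_cert: Vec<u8>,
    /// Client certificate presented to the server.
    pub client_cert: Vec<u8>,
    /// Client private key (secret).
    pub client_key: Vec<u8>,
    /// Certificate revocation list; empty when no CRL file is configured.
    pub crl: Vec<u8>,
}

/// Hand-written `Debug` so the type can appear in diagnostics without leaking the private key:
/// certificate and CRL fields are summarised by length, the key is always redacted.
impl std::fmt::Debug for TlsConfig {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        f.debug_struct("TlsConfig")
            .field("ca_cert", &format_args!("<{} bytes>", self.ca_cert.len()))
            .field(
                "client_cert",
                &format_args!("<{} bytes>", self.client_cert.len()),
            )
            // Not even the length of the key is reported.
            .field("client_key", &format_args!("<redacted>"))
            .field("crl", &format_args!("<{} bytes>", self.crl.len()))
            .finish()
    }
}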
30
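impl TlsConfigFiles {
    /// Read key and certificate data from the configured files.
    ///
    /// Each file is read completely into memory and returned as raw bytes. Nothing is parsed
    /// or validated here, so malformed PEM only surfaces where the bytes are consumed.
    ///
    /// When `crl_file` is `None`, the returned `crl` is an empty vector. That is
    /// indistinguishable from a configured but empty CRL file, so callers that require
    /// revocation checking must check `crl_file` (or the emptiness of `crl`) themselves.
    ///
    /// No ownership or permission check is performed on `client_key_file`; restricting access
    /// to the private key is left to the deployment.
    ///
    /// # Errors
    ///
    /// Returns the first `io::Error` hit while opening or reading a file, in the order CA
    /// certificate, client certificate, client key, CRL. The error keeps the original
    /// `ErrorKind`, and its message names the path that failed.
    pub fn read_files(&self) -> Result<TlsConfig, io::Error> {
        /// Prefix an I/O error with the path it belongs to, keeping its `ErrorKind`.
        fn with_path(path: &std::path::Path, err: io::Error) -> io::Error {
            io::Error::new(err.kind(), format!("{}: {}", path.display(), err))
        }

        /// Read a whole file into a fresh buffer.
        fn read_all(path: &std::path::Path) -> io::Result<Vec<u8>> {
            let mut bytes = Vec::new();
            File::open(path)
                .map_err(|err| with_path(path, err))?
                .read_to_end(&mut bytes)
                .map_err(|err| with_path(path, err))?;
            Ok(bytes)
        }

        let ca_cert = read_all(&self.ca_cert_file)?;
        let client_cert = read_all(&self.client_cert_file)?;
        // Secret material: the bytes stay in a plain Vec<u8> until the caller drops them.
        let client_key = read_all(&self.client_key_file)?;

        // The CRL is optional; an absent path yields an empty buffer rather than an error.
        let crl = match &self.crl_file {
            Some(path) => read_all(path)?,
            None => Vec::new(),
        };

        Ok(TlsConfig {
            ca_cert,
            client_cert,
            client_key,
            crl,
        })
    }
}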