
Commit 122a7d6

committed
Add a CertifiedIssuer
1 parent 67b6995 commit 122a7d6


1 file changed

+53
-2
lines changed

1 file changed

+53
-2
lines changed

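--- a/rcgen/src/lib.rs
+++ b/rcgen/src/lib.rs
@@ -41,7 +41,8 @@ use std::net::IpAddr;
 use std::net::{Ipv4Addr, Ipv6Addr};
 use std::ops::Deref;
 
-#[cfg(feature = "x509-parser")]
+#[cfg(feature = "pem")]
+use pem::Pem;
 use pki_types::CertificateDer;
 use time::{OffsetDateTime, Time};
 use yasna::models::ObjectIdentifier;
@@ -136,6 +137,56 @@ pub fn generate_simple_self_signed(
 Ok(CertifiedKey { cert, signing_key })
 }
 
+/// An [`Issuer`] wrapper that also contains the issuer's [`Certificate`].
+#[derive(Debug)]
+pub struct CertifiedIssuer<'a, S> {
+certificate: Certificate,
+issuer: Issuer<'a, S>,
+}
+
+impl<'a, S: SigningKey> CertifiedIssuer<'a, S> {
+/// Create a new issuer from the given parameters and key, with a self-signed certificate.
+pub fn self_signed(params: CertificateParams, signing_key: S) -> Result<Self, Error> {
+Ok(Self {
+certificate: params.self_signed(&signing_key)?,
+issuer: Issuer::new(params, signing_key),
+})
+}
+
+/// Create a new issuer from the given parameters and key, signed by the given `issuer`.
+pub fn signed_by(
+params: CertificateParams,
+signing_key: S,
+issuer: &Issuer<'_, impl SigningKey>,
+) -> Result<Self, Error> {
+Ok(Self {
+certificate: params.signed_by(&signing_key, issuer)?,
+issuer: Issuer::new(params, signing_key),
+})
+}
+
+/// Get the certificate in PEM encoded format.
+#[cfg(feature = "pem")]
+pub fn pem(&self) -> String {
+pem::encode_config(&Pem::new("CERTIFICATE", self.der().to_vec()), ENCODE_CONFIG)
+}
+
+/// Get the certificate in DER encoded format.
+///
+/// See also [`Certificate::der()`]
+pub fn der(&self) -> &CertificateDer<'static> {
+self.certificate.der()
+}
+}
+
+impl<'a, S> Deref for CertifiedIssuer<'a, S> {
+type Target = Issuer<'a, S>;
+
+fn deref(&self) -> &Self::Target {
+&self.issuer
+}
+}
+
 /// An issuer that can sign certificates.
 ///
 /// Encapsulates the distinguished name, key identifier method, key usages and signing key
@@ -210,7 +261,7 @@ impl<'a, S: SigningKey> Issuer<'a, S> {
 }
 }
 
-impl<'a, S: SigningKey> fmt::Debug for Issuer<'a, S> {
+impl<'a, S> fmt::Debug for Issuer<'a, S> {
 /// Formats the issuer information without revealing the key pair.
 fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
 // The key pair is omitted from the debug output as it contains secret information.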
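Review bot: `#[derive(Debug)]` on `CertifiedIssuer<'a, S>` expands with an implicit `S: Debug` bound, so the wrapper is only `Debug` when the signing-key type is, even though the last hunk relaxes `Issuer`'s impl to `impl<'a, S>` and, per its comments, never formats the key pair. That excludes key types that deliberately do not implement `Debug` to keep secrets out of logs, and it leaves the key-free guarantee of the wrapper's output implicit. A hand-written impl without the bound that delegates to the two fields would fix both and put the guarantee in a doc comment next to the code. The struct is complete in this hunk; the body of `Issuer`'s `fmt` continues outside the last one, so its omission of the key is taken from the visible comments only.

```rust
pub struct CertifiedIssuer<'a, S> {
    // … unchanged: certificate and issuer fields …
}

impl<'a, S> fmt::Debug for CertifiedIssuer<'a, S> {
    /// Formats the certificate and the issuer information; the signing key is never printed.
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
        // Issuer's own Debug impl omits the key pair, so delegating keeps it out of the output.
        f.debug_struct("CertifiedIssuer")
            .field("certificate", &self.certificate)
            .field("issuer", &self.issuer)
            .finish()
    }
}
```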
