Skip to content

Commit 6f55a25

Browse files
committed
Add a CertifiedIssuer
1 parent 67b6995 commit 6f55a25

File tree

1 file changed

+51
-0
lines changed

1 file changed

+51
-0
lines changed

rcgen/src/lib.rs

Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,8 @@ use std::net::IpAddr;
4141
use std::net::{Ipv4Addr, Ipv6Addr};
4242
use std::ops::Deref;
4343

44+
#[cfg(feature = "pem")]
45+
use pem::Pem;
4446
#[cfg(feature = "x509-parser")]
4547
use pki_types::CertificateDer;
4648
use time::{OffsetDateTime, Time};
@@ -136,6 +138,55 @@ pub fn generate_simple_self_signed(
136138
Ok(CertifiedKey { cert, signing_key })
137139
}
138140

141+
/// An [`Issuer`] wrapper that also contains the issuer's [`Certificate`].
142+
pub struct CertifiedIssuer<'a, S> {
143+
certificate: Certificate,
144+
issuer: Issuer<'a, S>,
145+
}
146+
147+
impl<'a, S: SigningKey> CertifiedIssuer<'a, S> {
148+
/// Create a new issuer from the given parameters and key, with a self-signed certificate.
149+
pub fn self_signed(params: CertificateParams, signing_key: S) -> Result<Self, Error> {
150+
Ok(Self {
151+
certificate: params.self_signed(&signing_key)?,
152+
issuer: Issuer::new(params, signing_key),
153+
})
154+
}
155+
156+
/// Create a new issuer from the given parameters and key, signed by the given `issuer`.
157+
pub fn signed_by(
158+
params: CertificateParams,
159+
signing_key: S,
160+
issuer: &Issuer<'_, impl SigningKey>,
161+
) -> Result<Self, Error> {
162+
Ok(Self {
163+
certificate: params.signed_by(&signing_key, issuer)?,
164+
issuer: Issuer::new(params, signing_key),
165+
})
166+
}
167+
168+
/// Get the certificate in PEM encoded format.
169+
#[cfg(feature = "pem")]
170+
pub fn pem(&self) -> String {
171+
pem::encode_config(&Pem::new("CERTIFICATE", self.der().to_vec()), ENCODE_CONFIG)
172+
}
173+
174+
/// Get the certificate in DER encoded format.
175+
///
176+
/// See also [`Certificate::der()`]
177+
pub fn der(&self) -> &CertificateDer<'static> {
178+
self.certificate.der()
179+
}
180+
}
181+
182+
impl<'a, S> Deref for CertifiedIssuer<'a, S> {
183+
type Target = Issuer<'a, S>;
184+
185+
fn deref(&self) -> &Self::Target {
186+
&self.issuer
187+
}
188+
}
189+
139190
/// An issuer that can sign certificates.
140191
///
141192
/// Encapsulates the distinguished name, key identifier method, key usages and signing key

0 commit comments

Comments
 (0)