]>
git.proxmox.com Git - proxmox-backup.git/blob - src/tools/cert.rs
1 use std
::path
::PathBuf
;
4 use openssl
::x509
::{X509, GeneralName}
;
5 use openssl
::stack
::Stack
;
6 use openssl
::pkey
::{Public, PKey}
;
14 fn x509name_to_string(name
: &openssl
::x509
::X509NameRef
) -> Result
<String
, Error
> {
15 let mut parts
= Vec
::new();
16 for entry
in name
.entries() {
17 parts
.push(format
!("{} = {}", entry
.object().nid().short_name()?
, entry
.data().as_utf8()?
));
23 pub fn new() -> Result
<Self, Error
> {
24 Self::from_path(PathBuf
::from(configdir
!("/proxy.pem")))
27 pub fn from_path(path
: PathBuf
) -> Result
<Self, Error
> {
28 let cert_pem
= proxmox
::tools
::fs
::file_get_contents(&path
)?
;
29 let x509
= openssl
::x509
::X509
::from_pem(&cert_pem
)?
;
35 pub fn subject_alt_names(&self) -> Option
<Stack
<GeneralName
>> {
36 self.x509
.subject_alt_names()
39 pub fn subject_name(&self) -> Result
<String
, Error
> {
40 Ok(x509name_to_string(self.x509
.subject_name())?
)
43 pub fn issuer_name(&self) -> Result
<String
, Error
> {
44 Ok(x509name_to_string(self.x509
.issuer_name())?
)
47 pub fn fingerprint(&self) -> Result
<String
, Error
> {
48 let fp
= self.x509
.digest(openssl
::hash
::MessageDigest
::sha256())?
;
49 let fp_string
= proxmox
::tools
::digest_to_hex(&fp
);
50 let fp_string
= fp_string
.as_bytes().chunks(2).map(|v
| std
::str::from_utf8(v
).unwrap())
51 .collect
::<Vec
<&str>>().join(":");
55 pub fn public_key(&self) -> Result
<PKey
<Public
>, Error
> {
56 let pubkey
= self.x509
.public_key()?
;
60 pub fn not_before(&self) -> &openssl
::asn1
::Asn1TimeRef
{
61 self.x509
.not_before()
64 pub fn not_after(&self) -> &openssl
::asn1
::Asn1TimeRef
{