-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
server: Read PKSC8 private keys #14
Conversation
Currently the server only attempts to parse RSA private keys. This change updates the server to first attempt to read PKSC8 private keys before attempting to parse the key file as RSA.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks good to me --- one suggestion.
kubert/src/server.rs
Outdated
|
||
// Load and return a single private key. | ||
let keys = rustls_pemfile::rsa_private_keys(&mut reader)?; | ||
let keys = rustls_pemfile::pkcs8_private_keys(&mut BufReader::new(pem.as_slice())) | ||
.or_else(|_| rustls_pemfile::rsa_private_keys(&mut BufReader::new(pem.as_slice())))?; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do we want to maybe log something about which format the keys were parsed in?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I could go either way. for now I'll trust that whatever rustls logs is good enough
Currently the server only attempts to parse RSA private keys. This
change updates the server to first attempt to read PKSC8 private keys
before attempting to parse the key file as RSA.