lunatic_distributed/control/
cert.rs

1use std::path::Path;
2
3use anyhow::Result;
4use rcgen::*;
5
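/// PEM-encoded root CA certificate for tests and local development only.
///
/// `test_root_cert` pairs this certificate with `TEST_ROOT_KEYS`, whose private key
/// is embedded in this same source file. Anyone with the source can therefore issue
/// certificates that chain to this root, so it must never be trusted by a real
/// deployment; load an operator-supplied CA through `root_cert` instead.
///
/// The value starts directly at the `BEGIN` line. Rust raw strings are delimited by
/// `r#"` and `"#`, so the earlier Python-style `r#"""` spelling left two literal
/// quote characters before and after the PEM block.
pub static TEST_ROOT_CERT: &str = r#"-----BEGIN CERTIFICATE-----
MIIBnDCCAUGgAwIBAgIIR5Hk+O5RdOgwCgYIKoZIzj0EAwIwKTEQMA4GA1UEAwwH
Um9vdCBDQTEVMBMGA1UECgwMTHVuYXRpYyBJbmMuMCAXDTc1MDEwMTAwMDAwMFoY
DzQwOTYwMTAxMDAwMDAwWjApMRAwDgYDVQQDDAdSb290IENBMRUwEwYDVQQKDAxM
dW5hdGljIEluYy4wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARlVNxYAwsmmFNc
2EMBbZZVwL8GBtnnu8IROdDd68ixc0VBjfrV0zAM344lKJcs9slsMTEofoYvMCpI
BhnSGyAFo1EwTzAdBgNVHREEFjAUghJyb290Lmx1bmF0aWMuY2xvdWQwHQYDVR0O
BBYEFOh0Ue745JFH76xErjqkW2/SbHhAMA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZI
zj0EAwIDSQAwRgIhAJKPv4XUZ9ej+CVgsJ+9x/CmJEcnebyWh2KntJri97nxAiEA
/KvaQE6GtYZPGFv/WYM3YEmTQ7hoOvaaAuvD27cHkaw=
-----END CERTIFICATE-----
"#;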
19
/// DNS name that `ctrl_cert` places in the generated control-server certificate.
///
/// NOTE(review): peers presumably validate the control server's certificate against
/// this name; confirm at the TLS client setup, which is not visible in this file.
pub static CTRL_SERVER_NAME: &str = "ctrl.lunatic.cloud";
21
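/// PEM-encoded private key of the test root CA (`TEST_ROOT_CERT`).
///
/// This key is published with the source and compiled into the binary, so it offers
/// no secrecy at all: any party can sign certificates that chain to the test root.
/// Use it for tests and local development only, and make sure no production trust
/// store contains `TEST_ROOT_CERT`.
///
/// The value starts directly at the `BEGIN` line. Rust raw strings are delimited by
/// `r#"` and `"#`, so the earlier Python-style `r#"""` spelling left two literal
/// quote characters before and after the PEM block.
static TEST_ROOT_KEYS: &str = r#"-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg9ferf0du4h975Jhu
boMyGfdI+xwp7ewOulGvpTcvdpehRANCAARlVNxYAwsmmFNc2EMBbZZVwL8GBtnn
u8IROdDd68ixc0VBjfrV0zAM344lKJcs9slsMTEofoYvMCpIBhnSGyAF
-----END PRIVATE KEY-----
"#;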
28
/// Rebuilds the built-in test root CA from the PEM constants embedded in this file.
///
/// The signing key comes from `TEST_ROOT_KEYS`, which is public in the source, so
/// certificates issued by the returned CA prove nothing about who issued them.
/// Callers should reach this path only in tests or local development and use
/// `root_cert` with operator-supplied files everywhere else.
///
/// # Errors
///
/// Returns an error if the embedded key or certificate fails to parse, or if rcgen
/// cannot build the certificate from the parsed parameters.
pub fn test_root_cert() -> Result<Certificate> {
    let signing_key = KeyPair::from_pem(TEST_ROOT_KEYS)?;
    let ca_params = CertificateParams::from_ca_cert_pem(TEST_ROOT_CERT, signing_key)?;
    Ok(Certificate::from_params(ca_params)?)
}
35
/// Loads a root CA from a PEM certificate file and a PEM private-key file.
///
/// `ca_cert` and `ca_keys` are filesystem paths. Both files are read in full and
/// must be valid UTF-8.
///
/// The key file's permissions and ownership are not checked here, and the buffer
/// holding the key bytes is dropped without being wiped. Restrict the key file to
/// the service account at deployment time.
///
/// NOTE(review): nothing visible here verifies that the private key belongs to the
/// certificate; confirm whether rcgen rejects a mismatched pair.
///
/// # Errors
///
/// Returns an error if either file cannot be read, is not valid UTF-8, or fails to
/// parse as PEM, or if rcgen cannot build the certificate.
pub fn root_cert(ca_cert: &str, ca_keys: &str) -> Result<Certificate> {
    let cert_bytes = std::fs::read(Path::new(ca_cert))?;
    let key_bytes = std::fs::read(Path::new(ca_keys))?;

    // The key is decoded and parsed before the certificate text is decoded, so a bad
    // key file is reported ahead of a bad certificate file.
    let key_text = std::str::from_utf8(&key_bytes)?;
    let signing_key = KeyPair::from_pem(key_text)?;

    let cert_text = std::str::from_utf8(&cert_bytes)?;
    let ca_params = CertificateParams::from_ca_cert_pem(cert_text, signing_key)?;

    Ok(Certificate::from_params(ca_params)?)
}
45
/// Builds the certificate parameters for the control server and turns them into an
/// rcgen `Certificate`.
///
/// The only subject alternative name is `CTRL_SERVER_NAME`. The subject carries the
/// organization "Lunatic Inc." and the common name "Control CA".
///
/// NOTE(review): no key pair, validity window, key usages or extended key usages
/// are set here, so rcgen's defaults apply to all of them. Confirm those defaults
/// are acceptable for a server certificate, in particular the expiry date.
fn ctrl_cert() -> Result<Certificate> {
    let subject_alt_names: Vec<String> = vec![CTRL_SERVER_NAME.to_string()];
    let mut params = CertificateParams::new(subject_alt_names);

    let subject = &mut params.distinguished_name;
    subject.push(DnType::OrganizationName, "Lunatic Inc.");
    subject.push(DnType::CommonName, "Control CA");

    let cert = Certificate::from_params(params)?;
    Ok(cert)
}
56
/// Issues a control-server certificate signed by `root_cert`.
///
/// Returns `(certificate_pem, private_key_pem)`. The second element is the server's
/// private key as an ordinary `String`. Callers are responsible for keeping it out
/// of logs and for restricting access wherever it is stored.
///
/// Every call builds a new certificate through `ctrl_cert`.
///
/// # Errors
///
/// Returns an error if the certificate cannot be built or cannot be signed by
/// `root_cert`.
pub fn default_server_certificates(root_cert: &Certificate) -> Result<(String, String)> {
    let server = ctrl_cert()?;
    let signed_cert_pem = server.serialize_pem_with_signer(root_cert)?;
    Ok((signed_cert_pem, server.serialize_private_key_pem()))
}