Crate rustls_pemfile
source ·Expand description
rustls-pemfile
A basic parser for .pem files containing cryptographic keys and certificates.
The input to this crate is a .pem file containing potentially many sections, and the output is those sections as alleged DER-encodings. This crate does not decode the actual DER-encoded keys/certificates.
Quick start
Starting with an io::BufRead
containing the file to be read:
- Use
read_all()
to ingest the whole file, then work through the contents in-memory, or, - Use
read_one()
to stream through the file, processing the items as found, or, - Use
certs()
to extract just the certificates (silently discarding other sections), and similarly forrsa_private_keys()
andpkcs8_private_keys()
.
Example code
use std::iter;
use rustls_pemfile::{Item, read_one};
// Assume `reader` is any std::io::BufRead implementor
for item in iter::from_fn(|| read_one(&mut reader).transpose()) {
match item.unwrap() {
Item::X509Certificate(cert) => println!("certificate {:?}", cert),
Item::Crl(crl) => println!("certificate revocation list: {:?}", crl),
Item::RSAKey(key) => println!("rsa pkcs1 key {:?}", key),
Item::PKCS8Key(key) => println!("pkcs8 key {:?}", key),
Item::ECKey(key) => println!("sec1 ec key {:?}", key),
_ => println!("unhandled item"),
}
}
Enums
- The contents of a single recognised block in a PEM file.
Functions
- Extract all the certificates from
rd
, and return a vec of byte vecs containing the der-format contents. - Extract all the certificate revocation lists (CRLs) from
rd
, and return a vec of byte vecs containing the der-format contents. - Extract all SEC1-encoded EC private keys from
rd
, and return a vec of byte vecs containing the der-format contents. - Extract all PKCS8-encoded private keys from
rd
, and return a vec of byte vecs containing the der-format contents. - Extract and return all PEM sections by reading
rd
. - Extract and decode the next PEM section from
rd
. - Extract all RSA private keys from
rd
, and return a vec of byte vecs containing the der-format contents.