dory/src/fingerprint.rs

use digest::Digest;
use rustls::Certificate;
use sha2::Sha256;
use std::fmt::{Write, self};
use x509_parser::prelude::*;

pub trait Fingerprint {
    type Error;

    fn fingerprint(&self) -> Result<(String, String), Self::Error>;
}

#[derive(Clone, Debug, PartialEq)]
pub enum Error {
    Fmt,
    X509(X509Error),
}

impl fmt::Display for Error {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        match self {
            Self::Fmt => write!(f, "FingerPrint: format error"),
            Self::X509(e) => write!(f, "FingerPrint: {e}"),
        }
    }
}

impl std::error::Error for Error {
    fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {
        match self {
            Self::Fmt => None,
            Self::X509(e) => Some(e),
        }
    }
}

impl From<fmt::Error> for Error {
    fn from(_value: fmt::Error) -> Self {
        Self::Fmt
    }
}

impl From<x509_parser::nom::Err<x509_parser::error::X509Error>> for Error {
    fn from(value: x509_parser::nom::Err<x509_parser::error::X509Error>) -> Self {
        Self::X509(value.into())
    }
}

impl Fingerprint for Certificate {
    type Error = Error;

    fn fingerprint(&self) -> Result<(String, String), Self::Error> {
        let (_, pk) = X509Certificate::from_der(self.as_ref())?;
        let subject = pk.subject().to_string();
        let key = pk.public_key().subject_public_key.as_ref();
        let mut hasher = Sha256::new();
        hasher.update(key);
        let res = hasher.finalize();
        let mut s = String::with_capacity(res.len());
        for c in res {
            write!(s, "{c:02x}")?;
        }
        Ok((subject[3..].to_string(), s))
    }
}
Add `Store`, `Verifier` and `Fingerprint` types for handling certificates 2023-05-22 20:47:20 -04:00			`use digest::Digest;`
			`use rustls::Certificate;`
			`use sha2::Sha256;`
			`use std::fmt::{Write, self};`
			`use x509_parser::prelude::*;`

			`pub trait Fingerprint {`
			`type Error;`

			`fn fingerprint(&self) -> Result<(String, String), Self::Error>;`
			`}`

			`#[derive(Clone, Debug, PartialEq)]`
			`pub enum Error {`
			`Fmt,`
			`X509(X509Error),`
			`}`

			`impl fmt::Display for Error {`
			`fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {`
			`match self {`
			`Self::Fmt => write!(f, "FingerPrint: format error"),`
			`Self::X509(e) => write!(f, "FingerPrint: {e}"),`
			`}`
			`}`
			`}`

			`impl std::error::Error for Error {`
			`fn source(&self) -> Option<&(dyn std::error::Error + 'static)> {`
			`match self {`
			`Self::Fmt => None,`
			`Self::X509(e) => Some(e),`
			`}`
			`}`
			`}`

			`impl From<fmt::Error> for Error {`
			`fn from(_value: fmt::Error) -> Self {`
			`Self::Fmt`
			`}`
			`}`

			`impl From<x509_parser::nom::Err<x509_parser::error::X509Error>> for Error {`
			`fn from(value: x509_parser::nom::Err<x509_parser::error::X509Error>) -> Self {`
			`Self::X509(value.into())`
			`}`
			`}`

			`impl Fingerprint for Certificate {`
			`type Error = Error;`

			`fn fingerprint(&self) -> Result<(String, String), Self::Error> {`
			`let (_, pk) = X509Certificate::from_der(self.as_ref())?;`
			`let subject = pk.subject().to_string();`
			`let key = pk.public_key().subject_public_key.as_ref();`
			`let mut hasher = Sha256::new();`
			`hasher.update(key);`
			`let res = hasher.finalize();`
			`let mut s = String::with_capacity(res.len());`
			`for c in res {`
			`write!(s, "{c:02x}")?;`
			`}`
			`Ok((subject[3..].to_string(), s))`
			`}`
			`}`