Provide identity_key_x509_as_der

Signed-off-by: David Mulder <[email protected]>
kanidm · Oct 27, 2023 · f6b3dbd · f6b3dbd
1 parent 397c2ef
commit f6b3dbd
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 0 deletions.
diff --git a/src/lib.rs b/src/lib.rs
@@ -104,6 +104,7 @@ pub enum HsmError {
     IdentityKeyInvalidForSigning,
     IdentityKeySignature,
     IdentityKeyX509ToPem,
+    IdentityKeyX509ToDer,
     IdentityKeyX509Missing,
     RsaGenerate,
     RsaPrivateToDer,
@@ -214,4 +215,5 @@ trait HsmIdentity: Hsm {
     ) -> Result<Self::LoadableIdentityKey, HsmError>;
 
     fn identity_key_x509_as_pem(&mut self, key: &Self::IdentityKey) -> Result<Vec<u8>, HsmError>;
+    fn identity_key_x509_as_der(&mut self, key: &Self::IdentityKey) -> Result<Vec<u8>, HsmError>;
 }
diff --git a/src/soft.rs b/src/soft.rs
@@ -416,6 +416,23 @@ impl HsmIdentity for SoftHsm {
         }
     }
 
+    fn identity_key_x509_as_der(&mut self, key: &Self::IdentityKey) -> Result<Vec<u8>, HsmError> {
+        match key {
+            SoftIdentityKey::Ecdsa256 {
+                pkey: _,
+                x509: Some(x509),
+            }
+            | SoftIdentityKey::Rsa2048 {
+                pkey: _,
+                x509: Some(x509),
+            } => x509.to_der().map_err(|ossl_err| {
+                error!(?ossl_err);
+                HsmError::IdentityKeyX509ToDer
+            }),
+            _ => Err(HsmError::IdentityKeyX509Missing),
+        }
+    }
+
     fn identity_key_sign(
         &mut self,
         key: &Self::IdentityKey,