Name Date Size #Lines LOC

..22-Aug-2023-

README.mdH A D22-Aug-20232 KiB6146

client.csrH A D22-Aug-2023347 87

client.pemH A D22-Aug-2023227 65

client.pem.private_key.pemH A D22-Aug-2023241 65

client.pub.pemH A D22-Aug-2023453 109

extfile.confH A D22-Aug-202331 21

server.csrH A D22-Aug-2023347 87

server.pemH A D22-Aug-2023227 65

server.pem.private_key.pemH A D22-Aug-2023241 65

server.pub.pemH A D22-Aug-2023477 109

README.md

1# Certificates
2
3The certificates in for the examples are generated using the commands shown below.
4
5Note that this was run on OpenSSL 1.1.1d, of which the arguments can be found in the [OpenSSL Manpages](https://www.openssl.org/docs/man1.1.1/man1), and is not guaranteed to work on different OpenSSL versions.
6
7```shell
8# Extensions required for certificate validation.
9$ EXTFILE='extfile.conf'
10$ echo 'subjectAltName = DNS:webrtc.rs' > "${EXTFILE}"
11
12# Server.
13$ SERVER_NAME='server'
14$ openssl ecparam -name prime256v1 -genkey -noout -out "${SERVER_NAME}.pem"
15$ openssl req -key "${SERVER_NAME}.pem" -new -sha256 -subj '/C=NL' -out "${SERVER_NAME}.csr"
16$ openssl x509 -req -in "${SERVER_NAME}.csr" -extfile "${EXTFILE}" -days 365 -signkey "${SERVER_NAME}.pem" -sha256 -out "${SERVER_NAME}.pub.pem"
17
18# Client.
19$ CLIENT_NAME='client'
20$ openssl ecparam -name prime256v1 -genkey -noout -out "${CLIENT_NAME}.pem"
21$ openssl req -key "${CLIENT_NAME}.pem" -new -sha256 -subj '/C=NL' -out "${CLIENT_NAME}.csr"
22$ openssl x509 -req -in "${CLIENT_NAME}.csr" -extfile "${EXTFILE}" -days 365 -CA "${SERVER_NAME}.pub.pem" -CAkey "${SERVER_NAME}.pem" -set_serial '0xabcd' -sha256 -out "${CLIENT_NAME}.pub.pem"
23
24# Cleanup.
25$ rm "${EXTFILE}" "${SERVER_NAME}.csr" "${CLIENT_NAME}.csr"
26```
27
28## Converting EC private key to PKCS#8 in Rust
29
30`Cargo.toml`:
31
32```toml
33[dependencies]
34topk8 = "0.0.1"
35```
36
37`main.rs`:
38
39```rust
40fn main() {
41    let ec_pem = "
42-----BEGIN EC PRIVATE KEY-----
43MHcCAQEEIAL4r6d9lPq3XEDSZTL9l0D6thrPM7RiAhl3Fjuw9Ji2oAoGCCqGSM49
44AwEHoUQDQgAE4U64dviQRMujGK0g80dwzgjV7fnwLkj6RfvINMHvD6eiCsphWIlq
45cddTAoOjXVQDu3qMAS1Ghfyk1F377EW1Sw==
46-----END EC PRIVATE KEY-----
47";
48
49    let pkcs8_pem = topk8::from_sec1_pem(ec_pem).unwrap();
50
51    println!("{}", pkcs8_pem);
52
53    // -----BEGIN PRIVATE KEY-----
54    // MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgAvivp32U+rdcQNJl
55    // Mv2XQPq2Gs8ztGICGXcWO7D0mLagCgYIKoZIzj0DAQehRANCAAThTrh2+JBEy6MY
56    // rSDzR3DOCNXt+fAuSPpF+8g0we8Pp6IKymFYiWpx11MCg6NdVAO7eowBLUaF/KTU
57    // XfvsRbVL
58    // -----END PRIVATE KEY-----
59}
60```
61