diff --git a/Cargo.toml b/Cargo.toml index e02d3b35..1bc8bd18 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -56,7 +56,7 @@ quick-xml = { version = "0.38.0", features = ["serialize", "overlapped-lists"], rand = { version = "0.9", default-features = false, features = ["std", "std_rng", "thread_rng"], optional = true } reqwest = { version = "0.12", default-features = false, features = ["rustls-tls-native-roots", "http2"], optional = true } ring = { version = "0.17", default-features = false, features = ["std"], optional = true } -rustls-pemfile = { version = "2.0", default-features = false, features = ["std"], optional = true } +rustls-pki-types = { version = "1.9", default-features = false, features = ["std"], optional = true } serde = { version = "1.0", default-features = false, features = ["derive"], optional = true } serde_json = { version = "1.0", default-features = false, features = ["std"], optional = true } serde_urlencoded = { version = "0.7", optional = true } @@ -74,7 +74,7 @@ default = ["fs"] cloud = ["serde", "serde_json", "quick-xml", "hyper", "reqwest", "reqwest/stream", "chrono/serde", "base64", "rand", "ring", "http-body-util", "form_urlencoded", "serde_urlencoded"] azure = ["cloud", "httparse"] fs = ["walkdir"] -gcp = ["cloud", "rustls-pemfile"] +gcp = ["cloud", "rustls-pki-types"] aws = ["cloud", "md-5"] http = ["cloud"] tls-webpki-roots = ["reqwest?/rustls-tls-webpki-roots"] diff --git a/src/gcp/credential.rs b/src/gcp/credential.rs index 2245829f..75de68c1 100644 --- a/src/gcp/credential.rs +++ b/src/gcp/credential.rs @@ -91,7 +91,9 @@ pub enum Error { TokenResponseBody { source: HttpError }, #[error("Error reading pem file: {}", source)] - ReadPem { source: std::io::Error }, + ReadPem { + source: rustls_pki_types::pem::Error, + }, } impl From for crate::Error { @@ -127,19 +129,14 @@ pub struct ServiceAccountKey(RsaKeyPair); impl ServiceAccountKey { /// Parses a pem-encoded RSA key pub fn from_pem(encoded: &[u8]) -> Result { - use rustls_pemfile::Item; - use std::io::Cursor; - - let mut cursor = Cursor::new(encoded); - let mut reader = BufReader::new(&mut cursor); - - match rustls_pemfile::read_one(&mut reader) { - Ok(item) => match item { - Some(Item::Pkcs8Key(key)) => Self::from_pkcs8(key.secret_pkcs8_der()), - Some(Item::Pkcs1Key(key)) => Self::from_der(key.secret_pkcs1_der()), - _ => Err(Error::MissingKey), - }, - Err(e) => Err(Error::ReadPem { source: e }), + use rustls_pki_types::PrivateKeyDer; + use rustls_pki_types::pem::PemObject; + + match PrivateKeyDer::from_pem_slice(encoded) { + Ok(PrivateKeyDer::Pkcs8(key)) => Self::from_pkcs8(key.secret_pkcs8_der()), + Ok(PrivateKeyDer::Pkcs1(key)) => Self::from_der(key.secret_pkcs1_der()), + Ok(_) => Err(Error::MissingKey), + Err(source) => Err(Error::ReadPem { source }), } }