Refactor Certificate management

libbonknet/src/servermsg.rs

@@ -3,6 +3,7 @@ pub use crate::ToPeerDataStream;
 use tokio_rustls::rustls::pki_types::{CertificateDer, PrivatePkcs8KeyDer};
 use serde::{Deserialize, Serialize};
 use uuid::Uuid;
+use crate::cert::LeafCertPair;
 
 #[derive(Debug, Serialize, Deserialize)]
 pub enum FromServerConnTypeMessage {
@@ -77,17 +78,31 @@ pub fn okannounce_to_cert<'a>(server_cert: Vec<u8>, server_prkey: Vec<u8>) -> (C
     (server_cert, server_prkey)
 }
 
+#[derive(Debug, Serialize, Deserialize)]
+pub struct OkAnnoucePayload {
+    server_cert: Vec<u8>,
+    ca_chain: Vec<Vec<u8>>,
+    server_prkey: Vec<u8>,
+}
+
+impl OkAnnoucePayload {
+    pub fn parse<'a>(self) -> LeafCertPair<'a> {
+        LeafCertPair::parse(self.server_cert, self.ca_chain, self.server_prkey)
+    }
+}
+
 #[derive(Debug, Serialize, Deserialize)]
 pub enum ToGuestServerMessage {
-    OkAnnounce { server_cert: Vec<u8>, server_prkey: Vec<u8> },
+    OkAnnounce(OkAnnoucePayload),
     FailedNameAlreadyOccupied,
 }
 
 impl ToGuestServerMessage {
-    pub fn make_okannounce(server_cert: CertificateDer, server_prkey: PrivatePkcs8KeyDer) -> Self {
-        ToGuestServerMessage::OkAnnounce {
-            server_cert: server_cert.to_vec(),
-            server_prkey: server_prkey.secret_pkcs8_der().to_vec()
-        }
+    pub fn make_okannounce(server_leaf: &LeafCertPair) -> Self {
+        ToGuestServerMessage::OkAnnounce(OkAnnoucePayload {
+            server_cert: server_leaf.cert().to_vec(),
+            ca_chain: server_leaf.fullchain().into_iter().map(|c| c.to_vec()).collect(),
+            server_prkey: server_leaf.prkey().secret_pkcs8_der().to_vec(),
+        })
     }
 }