add logic for fingerprint verification

2026-03-25 14:10:55 +03:00 · 2024-09-27 16:23:31 +02:00
parent 1c7490c58d
commit dedf59d1c7
16 changed files with 182 additions and 57 deletions
--- a/src/crypto.rs
+++ b/src/crypto.rs
@@ -4,6 +4,7 @@ use std::{fs::File, io::BufReader};

 use rcgen::KeyPair;
 use rustls::pki_types::CertificateDer;
+use sha2::{Digest, Sha256};
 use thiserror::Error;
 use webrtc_dtls::crypto::{Certificate, CryptoPrivateKey};

@@ -28,6 +29,18 @@ pub enum Error {
    Other(String),
 }

+pub fn generate_fingerprint(cert: &[u8]) -> String {
+    let mut hash = Sha256::new();
+    hash.update(cert);
+    let bytes = hash
+        .finalize()
+        .iter()
+        .map(|x| format!("{x:02x}"))
+        .collect::<Vec<_>>();
+    let fingerprint = bytes.join(":").to_lowercase();
+    fingerprint
+}
+
 /// load_key_and_certificate reads certificates or key from file
 pub fn load_key_and_certificate(
    key_path: PathBuf,