asonix/tokio-postgres-generic-rustls
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions
rustls-backed TLS for tokio-postgres without a required crypto backend
9 commits 1 branch 1 tag 55 KiB
Rust 95.4%
Nix 4.6%
Find a file
asonix 2453d99d72
Some checks failed
/ check (aarch64-unknown-linux-musl) (push) Successful in 53s
Details
/ check (armv7-unknown-linux-musleabihf) (push) Successful in 1m2s
Details
/ check (x86_64-unknown-linux-musl) (push) Successful in 50s
Details
/ tests (push) Successful in 35s
Details
/ publish-forgejo (push) Failing after 3s
Details
/ clippy (push) Successful in 33s
Details
/ publish-crate (push) Failing after 17s
Details
/ build (aarch64-unknown-linux-musl) (push) Successful in 56s
Details
/ build (armv7-unknown-linux-musleabihf) (push) Successful in 1m2s
Details
/ build (x86_64-unknown-linux-musl) (push) Successful in 50s
Details
Fix license
2024-05-03 19:49:52 -05:00
.forgejo/workflows Working base image 2024-05-03 17:02:42 -05:00
src Remove fn main() from doctests 2024-05-03 15:05:20 -05:00
.gitignore Implementation 2024-05-03 11:56:09 -05:00
Cargo.toml Fix license 2024-05-03 19:49:52 -05:00
flake.lock Implementation 2024-05-03 11:56:09 -05:00
flake.nix Initial commit 2024-05-03 11:56:02 -05:00
LICENSE-APACHE Add documentation, prepare release 2024-05-03 15:03:07 -05:00
LICENSE-MIT Add documentation, prepare release 2024-05-03 15:03:07 -05:00
README.md Add documentation, prepare release 2024-05-03 15:03:07 -05:00

README.md

tokio-postgres-generic-rustls

An impelementation of TLS based on rustls for tokio-postgres

This crate allows users to select a crypto backend, or bring their own, rather than relying on primitives provided by ring directly. This is done through the use of x509-cert for certificate parsing rather than X509-certificate, while also adding an abstraction for computing digests.

By default, tokio-postgres-generic-rustls does not provide a digest implementation, but one or more are provided behind crate features.

Feature Impelementation
aws-lc-rs AwsLcRsDigest
ring RingDigest
rustcrypto RustcryptoDigest

Usage

Using this crate is fairly straightforward. First, select your digest impelementation via crate features (or provide your own), then construct rustls connector for tokio-postgres with your rustls client configuration.

The following example demonstrates providing a custom digest backend.

use tokio_postgres_generic_rustls::{DigestImplementation, DigestAlgorithm, MakeRustlsConnect};

#[derive(Clone)]
struct DemoDigest;

impl DigestImplementation for DemoDigest {
    fn digest(&self, algorithm: DigestAlgorithm, bytes: &[u8]) -> Vec<u8> {
        todo!("digest it")
    }
}

fn main() {
    let cert_store = rustls::RootCertStore::empty();

    let config = rustls::ClientConfig::builder()
        .with_root_certificates(cert_store)
        .with_no_client_auth();

    let tls = MakeRustlsConnect::new(config, DemoDigest);

    let connect_future = tokio_postgres::connect("postgres://username:password@localhost:5432/db", tls);

    // connect_future.await;
}

License

This project is licensed under either of

at your option.