chore: refactor rpxy-certs

rpxy-certs/src/certs.rs

@@ -75,9 +75,7 @@ impl SingleServerCertsKeys {
   /* ------------------------------------------------ */
   /// Parse the client CA certificates and return a hashmap of pairs of a subject key identifier (key) and a trust anchor (value)
   pub fn rustls_client_certs_trust_anchors(&self) -> Result<TrustAnchors, RpxyCertError> {
-    let Some(certs) = self.client_ca_certs.as_ref() else {
+    let certs = self.client_ca_certs.as_ref().ok_or(RpxyCertError::NoClientCert)?;
-      return Err(RpxyCertError::NoClientCert);
-    };
     let certs = certs.iter().map(|c| Certificate::from(c.to_vec())).collect::<Vec<_>>();
 
     let trust_anchors = certs

rpxy-certs/src/crypto_source.rs

@@ -80,22 +80,20 @@ fn read_certs_and_keys(
 ) -> Result<SingleServerCertsKeys, RpxyCertError> {
   debug!("Read TLS server certificates and private key");
 
+  // ------------------------
   // certificates
-  let raw_certs = {
   let mut reader = BufReader::new(File::open(cert_path).map_err(|e| {
     io::Error::new(
       e.kind(),
       format!("Unable to load the certificates [{}]: {e}", cert_path.display()),
     )
   })?);
-    rustls_pemfile::certs(&mut reader)
+  let raw_certs = rustls_pemfile::certs(&mut reader)
     .collect::<Result<Vec<_>, _>>()
-      .map_err(|_| io::Error::new(io::ErrorKind::InvalidInput, "Unable to parse the certificates"))?
+    .map_err(|_| io::Error::new(io::ErrorKind::InvalidInput, "Unable to parse the certificates"))?;
-  };
 
+  // ------------------------
   // private keys
-  let raw_cert_keys = {
-    let encoded_keys = {
   let mut encoded_keys = vec![];
   File::open(cert_key_path)
     .map_err(|e| {
@@ -105,8 +103,6 @@ fn read_certs_and_keys(
       )
     })?
     .read_to_end(&mut encoded_keys)?;
-      encoded_keys
-    };
   let mut reader = Cursor::new(encoded_keys);
   let pkcs8_keys = rustls_pemfile::pkcs8_private_keys(&mut reader)
     .map(|v| v.map(rustls::pki_types::PrivateKeyDer::Pkcs8))
@@ -121,36 +117,33 @@ fn read_certs_and_keys(
   let mut rsa_keys = rustls_pemfile::rsa_private_keys(&mut reader)
     .map(|v| v.map(rustls::pki_types::PrivateKeyDer::Pkcs1))
     .collect::<Result<Vec<_>, _>>()?;
-    let mut keys = pkcs8_keys;
+  let mut raw_cert_keys = pkcs8_keys;
-    keys.append(&mut rsa_keys);
+  raw_cert_keys.append(&mut rsa_keys);
-    if keys.is_empty() {
+  if raw_cert_keys.is_empty() {
     return Err(RpxyCertError::IoError(io::Error::new(
       io::ErrorKind::InvalidInput,
       "No private keys found - Make sure that they are in PKCS#8/PEM format",
     )));
   }
-    keys
-  };
 
+  // ------------------------
   // client ca certificates
-  let client_ca_certs = if let Some(path) = client_ca_cert_path {
+  let client_ca_certs = client_ca_cert_path
+    .map(|path| {
       debug!("Read CA certificates for client authentication");
       // Reads client certificate and returns client
-    let certs = {
+      let inner = File::open(path).map_err(|e| {
-      let mut reader = BufReader::new(File::open(path).map_err(|e| {
         io::Error::new(
           e.kind(),
           format!("Unable to load the client certificates [{}]: {e}", path.display()),
         )
-      })?);
+      })?;
+      let mut reader = BufReader::new(inner);
       rustls_pemfile::certs(&mut reader)
         .collect::<Result<Vec<_>, _>>()
-        .map_err(|_| io::Error::new(io::ErrorKind::InvalidInput, "Unable to parse the client certificates"))?
+        .map_err(|_| io::Error::new(io::ErrorKind::InvalidInput, "Unable to parse the client certificates"))
-    };
+    })
-    Some(certs)
+    .transpose()?;
-  } else {
-    None
-  };
 
   Ok(SingleServerCertsKeys::new(
     &raw_certs,