Function addCertsFromFile [src]

Prototype

pub fn addCertsFromFile(cb: *Bundle, gpa: Allocator, file: fs.File) AddCertsFromFileError!void

Parameters

cb: *Bundlegpa: Allocatorfile: fs.File

Possible Errors

AccessDenied SeekError

In WASI, this error may occur when the file descriptor does not hold the required rights to seek on it.

BrokenPipe ReadError

Canceled ReadError

reading a timerfd with CANCEL_ON_SET will lead to this error when the clock goes through a discontinuous change

CertificateAuthorityBundleTooBig

CertificateFieldHasInvalidLength ParseError

CertificateFieldHasWrongDataType ParseTimeError

CertificateHasInvalidBitString ParseBitStringError

CertificateHasUnrecognizedObjectId ParseEnumError

CertificateTimeInvalid ParseTimeError

ConnectionResetByPeer ReadError

ConnectionTimedOut ReadError

InputOutput ReadError

InvalidCharacter Error

InvalidPadding Error

IsDir ReadError

LockViolation ReadError

Unable to read file due to lock.

MissingEndCertificateMarker

NoSpaceLeft Error

NotOpenForReading ReadError

OperationAborted ReadError

OutOfMemory Error

PermissionDenied FStatError

ProcessNotFound ReadError

This error occurs in Linux if the process to be read from no longer exists.

SocketNotConnected ReadError

SystemResources FStatError

Unexpected UnexpectedError

The Operating System returned an undocumented error code.

This error is in theory not possible, but it would be better to handle this error than to invoke undefined behavior.

When this error code is observed, it usually means the Zig Standard Library needs a small patch to add the error code to the error set for the respective function.

Unseekable SeekError

UnsupportedCertificateVersion ParseVersionError

WouldBlock ReadError

This error occurs when no global event loop is configured, and reading from the file descriptor would block.

Source

  pub fn addCertsFromFile(cb: *Bundle, gpa: Allocator, file: fs.File) AddCertsFromFileError!void {
    const size = try file.getEndPos();

    // We borrow `bytes` as a temporary buffer for the base64-encoded data.
    // This is possible by computing the decoded length and reserving the space
    // for the decoded bytes first.
    const decoded_size_upper_bound = size / 4 * 3;
    const needed_capacity = std.math.cast(u32, decoded_size_upper_bound + size) orelse
        return error.CertificateAuthorityBundleTooBig;
    try cb.bytes.ensureUnusedCapacity(gpa, needed_capacity);
    const end_reserved: u32 = @intCast(cb.bytes.items.len + decoded_size_upper_bound);
    const buffer = cb.bytes.allocatedSlice()[end_reserved..];
    const end_index = try file.readAll(buffer);
    const encoded_bytes = buffer[0..end_index];

    const begin_marker = "-----BEGIN CERTIFICATE-----";
    const end_marker = "-----END CERTIFICATE-----";

    const now_sec = std.time.timestamp();

    var start_index: usize = 0;
    while (mem.indexOfPos(u8, encoded_bytes, start_index, begin_marker)) |begin_marker_start| {
        const cert_start = begin_marker_start + begin_marker.len;
        const cert_end = mem.indexOfPos(u8, encoded_bytes, cert_start, end_marker) orelse
            return error.MissingEndCertificateMarker;
        start_index = cert_end + end_marker.len;
        const encoded_cert = mem.trim(u8, encoded_bytes[cert_start..cert_end], " \t\r\n");
        const decoded_start: u32 = @intCast(cb.bytes.items.len);
        const dest_buf = cb.bytes.allocatedSlice()[decoded_start..];
        cb.bytes.items.len += try base64.decode(dest_buf, encoded_cert);
        try cb.parseCert(gpa, decoded_start, now_sec);
    }
}  