authorSteven Fackler <[email protected]>2016-08-02 20:48:42 -0700
committerSteven Fackler <[email protected]>2016-08-02 20:49:28 -0700
commit08e27f31ed851873f7684ac806b837e8cff4a28f (patch)
tree821fcef610a78e42ad116035926c64337a97807e /openssl/src/x509
parentDrop unused feature gate (diff)
Restructure PEM input/output methods
Dealing with byte buffers directly avoids error handling weirdness and we were loading it all into memory before anyway.
Diffstat (limited to 'openssl/src/x509')
-rw-r--r--openssl/src/x509/mod.rs70
-rw-r--r--openssl/src/x509/tests.rs57
2 files changed, 35 insertions, 92 deletions
diff --git a/openssl/src/x509/mod.rs b/openssl/src/x509/mod.rs
index 05d8221e..64a61df0 100644
--- a/openssl/src/x509/mod.rs
+++ b/openssl/src/x509/mod.rs
@@ -1,6 +1,4 @@
use libc::{c_char, c_int, c_long, c_ulong, c_uint, c_void};
-use std::io;
-use std::io::prelude::*;
use std::cmp::Ordering;
use std::ffi::CString;
use std::iter::repeat;
@@ -14,7 +12,7 @@ use std::collections::HashMap;
use std::marker::PhantomData;
use asn1::Asn1Time;
-use bio::MemBio;
+use bio::{MemBio, MemBioSlice};
use crypto::hash;
use crypto::hash::Type as HashType;
use crypto::pkey::{PKey, Parts};
@@ -116,13 +114,6 @@ impl X509StoreContext {
/// # Example
///
/// ```
-/// # #[allow(unstable)]
-/// # fn main() {
-/// use std::fs;
-/// use std::fs::File;
-/// use std::io::prelude::*;
-/// use std::path::Path;
-///
/// use openssl::crypto::hash::Type;
/// use openssl::x509::X509Generator;
/// use openssl::x509::extension::{Extension, KeyUsageOption};
@@ -135,17 +126,8 @@ impl X509StoreContext {
/// .add_extension(Extension::KeyUsage(vec![KeyUsageOption::DigitalSignature]));
///
/// let (cert, pkey) = gen.generate().unwrap();
-///
-/// let cert_path = "doc_cert.pem";
-/// let mut file = File::create(cert_path).unwrap();
-/// assert!(cert.write_pem(&mut file).is_ok());
-/// # let _ = fs::remove_file(cert_path);
-///
-/// let pkey_path = "doc_key.pem";
-/// let mut file = File::create(pkey_path).unwrap();
-/// assert!(pkey.write_pem(&mut file).is_ok());
-/// # let _ = fs::remove_file(pkey_path);
-/// # }
+/// let cert_pem = cert.write_pem().unwrap();
+/// let pkey_pem = pkey.write_pem().unwrap();
/// ```
pub struct X509Generator {
bits: u32,
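Review bot: The rewritten example binds `cert_pem` and `pkey_pem` but says nothing about what they contain. `pkey_pem` presumably holds the private key as unencrypted PEM in a plain `Vec<u8>`; PKey::write_pem is not shown here, so this should be confirmed. Since the example no longer shows where the bytes go, I would add a line such as `/// // pkey_pem is private key material: keep it out of logs and store it with owner-only permissions` after the `pkey.write_pem()` call.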
@@ -444,12 +426,8 @@ impl<'ctx> X509<'ctx> {
}
/// Reads certificate from PEM, takes ownership of handle
- pub fn from_pem<R>(reader: &mut R) -> io::Result<X509<'ctx>>
- where R: Read
- {
- let mut mem_bio = try!(MemBio::new());
- try!(io::copy(reader, &mut mem_bio));
-
+ pub fn from_pem(buf: &[u8]) -> Result<X509<'ctx>, ErrorStack> {
+ let mem_bio = try!(MemBioSlice::new(buf));
unsafe {
let handle = try_ssl_null!(ffi::PEM_read_bio_X509(mem_bio.get_handle(),
ptr::null_mut(),
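Review bot: The doc comment kept above `from_pem` ("takes ownership of handle") no longer matches the new signature, which takes a byte slice and has no handle parameter. It should also say that `PEM_read_bio_X509` parses only the first PEM block, so a caller passing a chain or bundle gets one certificate and trailing data is not rejected. I would replace it with `/// Parses the first PEM-encoded certificate in buf; any data after it is ignored.` The same wording applies to `X509Req::from_pem` in the later hunk, and the bodies of both functions continue outside their hunks.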
@@ -523,25 +501,21 @@ impl<'ctx> X509<'ctx> {
}
/// Writes certificate as PEM
- pub fn write_pem<W>(&self, writer: &mut W) -> io::Result<()>
- where W: Write
- {
- let mut mem_bio = try!(MemBio::new());
+ pub fn write_pem(&self) -> Result<Vec<u8>, ErrorStack> {
+ let mem_bio = try!(MemBio::new());
unsafe {
try_ssl!(ffi::PEM_write_bio_X509(mem_bio.get_handle(), self.handle));
}
- io::copy(&mut mem_bio, writer).map(|_| ())
+ Ok(mem_bio.get_buf().to_owned())
}
/// Returns a DER serialized form of the certificate
pub fn save_der(&self) -> Result<Vec<u8>, ErrorStack> {
- let mut mem_bio = try!(MemBio::new());
+ let mem_bio = try!(MemBio::new());
unsafe {
ffi::i2d_X509_bio(mem_bio.get_handle(), self.handle);
}
- let mut v = Vec::new();
- drop(io::copy(&mut mem_bio, &mut v));
- Ok(v)
+ Ok(mem_bio.get_buf().to_owned())
}
}
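Review bot: `save_der` still ignores the return value of `ffi::i2d_X509_bio`, so a failed encode returns `Ok` with an empty or partial buffer. A caller that fingerprints, pins or transmits the DER would then work on the wrong bytes with no error. `write_pem` directly above already checks its call, so the same form fits here: `try_ssl!(ffi::i2d_X509_bio(mem_bio.get_handle(), self.handle));`. `X509Req::save_der` in the later hunk has the same gap with `ffi::i2d_X509_REQ_bio`.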
@@ -627,12 +601,8 @@ impl X509Req {
}
/// Reads CSR from PEM
- pub fn from_pem<R>(reader: &mut R) -> io::Result<X509Req>
- where R: Read
- {
- let mut mem_bio = try!(MemBio::new());
- try!(io::copy(reader, &mut mem_bio));
-
+ pub fn from_pem(buf: &[u8]) -> Result<X509Req, ErrorStack> {
+ let mem_bio = try!(MemBioSlice::new(buf));
unsafe {
let handle = try_ssl_null!(ffi::PEM_read_bio_X509_REQ(mem_bio.get_handle(),
ptr::null_mut(),
@@ -643,25 +613,21 @@ impl X509Req {
}
/// Writes CSR as PEM
- pub fn write_pem<W>(&self, writer: &mut W) -> io::Result<()>
- where W: Write
- {
- let mut mem_bio = try!(MemBio::new());
+ pub fn write_pem(&self) -> Result<Vec<u8>, ErrorStack> {
+ let mem_bio = try!(MemBio::new());
if unsafe { ffi::PEM_write_bio_X509_REQ(mem_bio.get_handle(), self.handle) } != 1 {
- return Err(io::Error::new(io::ErrorKind::Other, ErrorStack::get()));
+ return Err(ErrorStack::get());
}
- io::copy(&mut mem_bio, writer).map(|_| ())
+ Ok(mem_bio.get_buf().to_owned())
}
/// Returns a DER serialized form of the CSR
pub fn save_der(&self) -> Result<Vec<u8>, ErrorStack> {
- let mut mem_bio = try!(MemBio::new());
+ let mem_bio = try!(MemBio::new());
unsafe {
ffi::i2d_X509_REQ_bio(mem_bio.get_handle(), self.handle);
}
- let mut v = Vec::new();
- drop(io::copy(&mut mem_bio, &mut v));
- Ok(v)
+ Ok(mem_bio.get_buf().to_owned())
}
}
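Review bot: `X509Req::write_pem` hand-rolls its failure check (`!= 1` followed by `return Err(ErrorStack::get())`), while `X509::write_pem` in the same file uses `try_ssl!` for the equivalent call. Now that both return `Result<Vec<u8>, ErrorStack>`, the two can read the same: `unsafe { try_ssl!(ffi::PEM_write_bio_X509_REQ(mem_bio.get_handle(), self.handle)); }`. This assumes `try_ssl!` treats the same return values as failure, which its definition outside this diff would confirm.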
diff --git a/openssl/src/x509/tests.rs b/openssl/src/x509/tests.rs
index 5d9b30ab..167ca8cf 100644
--- a/openssl/src/x509/tests.rs
+++ b/openssl/src/x509/tests.rs
@@ -1,7 +1,4 @@
use serialize::hex::FromHex;
-use std::io;
-use std::path::Path;
-use std::fs::File;
use crypto::hash::Type::SHA1;
use crypto::pkey::PKey;
@@ -30,8 +27,8 @@ fn get_generator() -> X509Generator {
#[test]
fn test_cert_gen() {
let (cert, pkey) = get_generator().generate().unwrap();
- cert.write_pem(&mut io::sink()).unwrap();
- pkey.write_pem(&mut io::sink()).unwrap();
+ cert.write_pem().unwrap();
+ pkey.write_pem().unwrap();
// FIXME: check data in result to be correct, needs implementation
// of X509 getters
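Review bot: The buffers returned by `cert.write_pem()` and `pkey.write_pem()` are discarded, so the test only proves that serialization did not return an error. With the new byte-buffer API a round trip is cheap and would catch empty or malformed output: `let pem = cert.write_pem().unwrap();` followed by `X509::from_pem(&pem).unwrap();`. The same applies to `req.write_pem()` in test_req_gen, using `X509Req::from_pem`. The body of test_cert_gen continues outside this hunk.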
@@ -70,7 +67,7 @@ fn test_req_gen() {
pkey.gen(512);
let req = get_generator().request(&pkey).unwrap();
- req.write_pem(&mut io::sink()).unwrap();
+ req.write_pem().unwrap();
// FIXME: check data in result to be correct, needs implementation
// of X509_REQ getters
@@ -78,12 +75,8 @@ fn test_req_gen() {
#[test]
fn test_cert_loading() {
- let cert_path = Path::new("test/cert.pem");
- let mut file = File::open(&cert_path)
- .ok()
- .expect("Failed to open `test/cert.pem`");
-
- let cert = X509::from_pem(&mut file).ok().expect("Failed to load PEM");
+ let cert = include_bytes!("../../test/cert.pem");
+ let cert = X509::from_pem(cert).ok().expect("Failed to load PEM");
let fingerprint = cert.fingerprint(SHA1).unwrap();
let hash_str = "E19427DAC79FBE758394945276A6E4F15F0BEBE6";
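Review bot: `.ok().expect("Failed to load PEM")` throws away the `ErrorStack` that `from_pem` now returns, so a failing test prints only the fixed message and not the OpenSSL error. `let cert = X509::from_pem(cert).expect("Failed to load PEM");` keeps the error in the panic output, provided `ErrorStack` implements `Debug`. The same pattern recurs in test_save_der, test_subject_read_cn, test_nid_values and test_nid_uid_value. In test_subject_alt_name and test_subject_alt_name_iter the hunk replaces a plain `.unwrap()` with this form, so those two tests lose detail they previously reported.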
@@ -94,12 +87,8 @@ fn test_cert_loading() {
#[test]
fn test_save_der() {
- let cert_path = Path::new("test/cert.pem");
- let mut file = File::open(&cert_path)
- .ok()
- .expect("Failed to open `test/cert.pem`");
-
- let cert = X509::from_pem(&mut file).ok().expect("Failed to load PEM");
+ let cert = include_bytes!("../../test/cert.pem");
+ let cert = X509::from_pem(cert).ok().expect("Failed to load PEM");
let der = cert.save_der().unwrap();
assert!(!der.is_empty());
@@ -107,12 +96,8 @@ fn test_save_der() {
#[test]
fn test_subject_read_cn() {
- let cert_path = Path::new("test/cert.pem");
- let mut file = File::open(&cert_path)
- .ok()
- .expect("Failed to open `test/cert.pem`");
-
- let cert = X509::from_pem(&mut file).ok().expect("Failed to load PEM");
+ let cert = include_bytes!("../../test/cert.pem");
+ let cert = X509::from_pem(cert).ok().expect("Failed to load PEM");
let subject = cert.subject_name();
let cn = match subject.text_by_nid(Nid::CN) {
Some(x) => x,
@@ -124,12 +109,8 @@ fn test_subject_read_cn() {
#[test]
fn test_nid_values() {
- let cert_path = Path::new("test/nid_test_cert.pem");
- let mut file = File::open(&cert_path)
- .ok()
- .expect("Failed to open `test/nid_test_cert.pem`");
-
- let cert = X509::from_pem(&mut file).ok().expect("Failed to load PEM");
+ let cert = include_bytes!("../../test/nid_test_cert.pem");
+ let cert = X509::from_pem(cert).ok().expect("Failed to load PEM");
let subject = cert.subject_name();
let cn = match subject.text_by_nid(Nid::CN) {
@@ -153,12 +134,8 @@ fn test_nid_values() {
#[test]
fn test_nid_uid_value() {
- let cert_path = Path::new("test/nid_uid_test_cert.pem");
- let mut file = File::open(&cert_path)
- .ok()
- .expect("Failed to open `test/nid_uid_test_cert.pem`");
-
- let cert = X509::from_pem(&mut file).ok().expect("Failed to load PEM");
+ let cert = include_bytes!("../../test/nid_uid_test_cert.pem");
+ let cert = X509::from_pem(cert).ok().expect("Failed to load PEM");
let subject = cert.subject_name();
let cn = match subject.text_by_nid(Nid::UserId) {
@@ -170,8 +147,8 @@ fn test_nid_uid_value() {
#[test]
fn test_subject_alt_name() {
- let mut file = File::open("test/alt_name_cert.pem").unwrap();
- let cert = X509::from_pem(&mut file).unwrap();
+ let cert = include_bytes!("../../test/alt_name_cert.pem");
+ let cert = X509::from_pem(cert).ok().expect("Failed to load PEM");
let subject_alt_names = cert.subject_alt_names().unwrap();
assert_eq!(3, subject_alt_names.len());
@@ -184,8 +161,8 @@ fn test_subject_alt_name() {
#[test]
fn test_subject_alt_name_iter() {
- let mut file = File::open("test/alt_name_cert.pem").unwrap();
- let cert = X509::from_pem(&mut file).unwrap();
+ let cert = include_bytes!("../../test/alt_name_cert.pem");
+ let cert = X509::from_pem(cert).ok().expect("Failed to load PEM");
let subject_alt_names = cert.subject_alt_names().unwrap();
let mut subject_alt_names_iter = subject_alt_names.iter();