Add Certificate::from_der + Certificate::from_pem

[oscartbeaumont]

I'm in the process of upgrading rcgen and I have to say the new API is much easier to understand, great job!

In reading some of the #62 I can see the idea of adding Certificate::from_der and Certificate::from_pem came up but they don't seem to have made it into the final release.

I wanted to know if there is a way to load an existing CA certificate to sign some more certificates without triggering signing.

Right now i'm doing the following:

let identity_key = todo!();
let cert: Vec<u8> = todo!();

let cert = CertificateParams::from_ca_cert_der(&cert.try_into().unwrap())
    .unwrap()
    .self_signed(&identity_key)
    .unwrap();

However, my presumption is that this will sign a new CA certificate on each startup of my application and I would rather just import the existing CA certificate and use it.

I tried to do a PR to add the Certificate::from_der + Certificate::from_pem but i'm kinda lost where the subject_public_key_info would come from. I've included what I had below:

impl Certificate {
	/// TODO
	pub fn from_der(der: CertificateDer<'static>) -> Result<Self, Error> {
		let params = CertificateParams::from_ca_cert_der(&der)?;
		Ok(Self {
			params,
			subject_public_key_info: todo!(),
			der,
		})
	}
}

[djc]

Yeah, this API isn't great right now. I've described a plan to improve it in #269 (comment) -- if you want to help implementing that, that would be awesome. Unfortunately with the current API I don't think there's a way around doing a fake self-signing of the CA certificate before using it to sign dependent certificates.