/*
Copyright (c) 2021 - Present. Blend Labs, Inc. All rights reserved
Use of this source code is governed by a MIT license that can be found in the LICENSE file.
*/
package certutil
import (
"crypto/rsa"
"crypto/x509"
"encoding/pem"
"io/ioutil"
"github.com/blend/go-sdk/ex"
)
// CommonNamesForCertPEM returns the Subject.CommonName of every certificate
// that ParseCertPEM extracts from certPEM, in the order they appear.
//
// The certificates are only parsed: nothing here checks a signature, a chain
// or a validity period, so the names are unauthenticated unless the caller
// verifies the certificates separately. A certificate without a common name
// contributes an empty string.
//
// When ParseCertPEM finds no certificate blocks the result is an empty slice
// with a nil error; callers that need at least one name must check the length.
func CommonNamesForCertPEM(certPEM []byte) ([]string, error) {
	certs, err := ParseCertPEM(certPEM)
	if err != nil {
		return nil, err
	}

	names := make([]string, 0, len(certs))
	for _, cert := range certs {
		names = append(names, cert.Subject.CommonName)
	}
	return names, nil
}
// ParseCertPEM decodes certPem block by block and returns every X.509
// certificate it contains, in input order.
//
// Blocks whose type is not BlockTypeCertificate, or that carry any PEM
// headers, are skipped silently. Decoding stops at the first point where no
// further PEM block is found, and any remaining bytes are ignored. Input with
// no usable certificate block therefore yields a nil slice and a nil error,
// so callers that require a certificate must check len(output) themselves.
//
// If a certificate block fails to parse, the error is wrapped with ex.New and
// returned together with the certificates parsed before it. The certificates
// are parsed only; no signature, chain or expiry verification happens here.
func ParseCertPEM(certPem []byte) (output []*x509.Certificate, err error) {
	rest := certPem
	for len(rest) > 0 {
		block, remaining := pem.Decode(rest)
		if block == nil {
			// No further PEM block; whatever is left is not PEM data.
			break
		}
		rest = remaining

		isPlainCert := block.Type == BlockTypeCertificate && len(block.Headers) == 0
		if !isPlainCert {
			continue
		}

		parsed, parseErr := x509.ParseCertificate(block.Bytes)
		if parseErr != nil {
			return output, ex.New(parseErr)
		}
		output = append(output, parsed)
	}
	return output, nil
}
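// ReadPrivateKeyPEMFromPath reads the file at keyPath, decodes the first PEM
// block in it and parses that block's bytes as a PKCS #1 RSA private key.
//
// An error is returned when the file cannot be read, when it holds no PEM
// block, or when the block does not parse as a PKCS #1 key. Only the first
// block is considered, and its type and headers are not inspected. Any other
// key encoding is rejected only by the parse step.
//
// Error values carry the key path but never the key material.
func ReadPrivateKeyPEMFromPath(keyPath string) (*rsa.PrivateKey, error) {
	contents, err := ioutil.ReadFile(keyPath)
	if err != nil {
		return nil, ex.New(err, ex.OptMessagef("key path: %s", keyPath))
	}

	// pem.Decode returns a nil block when the input holds no PEM data (an
	// empty, truncated or non-PEM file). Dereferencing it would panic, so
	// report that case as an ordinary error instead.
	block, _ := pem.Decode(contents)
	if block == nil {
		return nil, ex.New("no PEM block found in private key file", ex.OptMessagef("key path: %s", keyPath))
	}

	pk, err := x509.ParsePKCS1PrivateKey(block.Bytes)
	if err != nil {
		return nil, ex.New(err)
	}
	return pk, nil
}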