-
Notifications
You must be signed in to change notification settings - Fork 1
/
util.go
134 lines (120 loc) · 3.01 KB
/
util.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
package rsautil
import (
"bytes"
"crypto/rsa"
"crypto/x509"
"encoding/pem"
"errors"
"fmt"
"strings"
)
func MustReadPrivateKey(pem string) *rsa.PrivateKey {
p, err := ReadPrivateKey(pem)
if err != nil {
panic(err)
}
return p
}
func ReadPrivateKey(pem string) (*rsa.PrivateKey, error) {
pem = normalizePem(pem, "RSA PRIVATE KEY")
pemByte := []byte(pem)
return ReadPrivateKeyBytes(pemByte)
}
func MustReadPrivateKeyBytes(pemBytes []byte) *rsa.PrivateKey {
p, err := ReadPrivateKeyBytes(pemBytes)
if err != nil {
panic(err)
}
return p
}
func ReadPrivateKeyBytes(pemBytes []byte) (*rsa.PrivateKey, error) {
block, _ := pem.Decode(pemBytes)
if block == nil {
return nil, errors.New("invalid RSA PRIVATE KEY")
}
if block.Type != "RSA PRIVATE KEY" {
return nil, errors.New("expected type: RSA PRIVATE KEY, got: " + block.Type)
}
return x509.ParsePKCS1PrivateKey(block.Bytes)
}
func MustReadPublicKey(pem string) *rsa.PublicKey {
p, err := ReadPublicKey(pem)
if err != nil {
panic(err)
}
return p
}
func ReadPublicKey(pem string) (*rsa.PublicKey, error) {
pem = normalizePem(pem, "PUBLIC KEY")
pemByte := []byte(pem)
return ReadPublicKeyBytes(pemByte)
}
func MustReadPublicKeyBytes(pemBytes []byte) *rsa.PublicKey {
p, err := ReadPublicKeyBytes(pemBytes)
if err != nil {
panic(err)
}
return p
}
func ReadPublicKeyBytes(pemBytes []byte) (*rsa.PublicKey, error) {
block, _ := pem.Decode(pemBytes)
if block == nil {
return nil, errors.New("invalid PUBLIC KEY")
}
if block.Type != "PUBLIC KEY" {
return nil, errors.New("expected type: RSA PUBLIC KEY, got: " + block.Type)
}
pub, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return nil, err
}
return pub.(*rsa.PublicKey), nil
}
func ReadX509Certificate(pem string) (*x509.Certificate, error) {
pem = normalizePem(pem, "CERTIFICATE")
pemByte := []byte(pem)
return ReadX509CertificateBytes(pemByte)
}
func MustReadX509CertificateBytes(pemBytes []byte) *x509.Certificate {
c, err := ReadX509CertificateBytes(pemBytes)
if err != nil {
panic(err)
}
return c
}
func ReadX509CertificateBytes(pemBytes []byte) (*x509.Certificate, error) {
block, _ := pem.Decode(pemBytes)
if block == nil {
return nil, errors.New("invalid CERTIFICATE")
}
if block.Type != "CERTIFICATE" {
return nil, errors.New("expected type: X509 CERTIFICATE, got: " + block.Type)
}
cert, err := x509.ParseCertificate(block.Bytes)
if err != nil {
return nil, err
}
return cert, nil
}
func normalizePem(pemStr string, typ string) string {
if strings.Index(pemStr, "-----BEGIN") == -1 || strings.Index(pemStr, "-----END") == -1 {
pemStr = fmt.Sprintf("-----BEGIN %s-----\n%s\n-----END %s-----", typ, pemStr, typ)
}
return pemStr
}
func ExtractPublicKeyPem(privateKey *rsa.PrivateKey) (string, error) {
bs, err := x509.MarshalPKIXPublicKey(&privateKey.PublicKey)
if err != nil {
return "", err
}
b := &pem.Block{
Type: "PUBLIC KEY",
Bytes: bs,
}
buf := &bytes.Buffer{}
err = pem.Encode(buf, b)
if err != nil {
return "", err
}
return buf.String(), nil
}