X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=x509.go;h=c41641f9b878f4867edf2177507d5c9c6c8e3c05;hb=refs%2Fheads%2Fmaster;hp=0743ba0b0c1734d2aab322a9d0fa850186f4807c;hpb=57c1e9924fef3fe07dfa9b3d5b996b50d0c08f17;p=ucspi.git
diff --git a/x509.go b/x509.go
index 0743ba0..c41641f 100644
--- a/x509.go
+++ b/x509.go
@@ -1,19 +1,17 @@
-/*
-ucspi -- UCSPI-related utilities
-Copyright (C) 2021 Sergey Matveev
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, version 3 of the License.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program. If not, see .
-*/
+// ucspi -- UCSPI-related utilities
+// Copyright (C) 2021-2024 Sergey Matveev
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, version 3 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program. If not, see .

 package ucspi

@@ -21,55 +19,59 @@ import (
 "crypto/x509"
 "encoding/pem"
 "errors"
- "io/ioutil"
+ "os"
 )

 func CertificateFromFile(p string) (b []byte, c *x509.Certificate, err error) {
 var data []byte
- data, err = ioutil.ReadFile(p)
+ data, err = os.ReadFile(p)
 if err != nil {
 return
 }
- block, data := pem.Decode(data)
- if block == nil {
- err = errors.New("can not decode PEM")
- return
- }
- if block.Type != "CERTIFICATE" {
- err = errors.New("non CERTIFICATE found in PEM")
- return
+ var block *pem.Block
+ for len(data) > 0 {
+ block, data = pem.Decode(data)
+ if block == nil {
+ continue
+ }
+ if block.Type == "CERTIFICATE" {
+ b = block.Bytes
+ c, err = x509.ParseCertificate(b)
+ return
+ }
 }
- b = block.Bytes
- c, err = x509.ParseCertificate(b)
+ err = errors.New("no CERTIFICATE found in PEM")
 return
 }

 func PrivateKeyFromFile(p string) (prv interface{}, err error) {
 var data []byte
- data, err = ioutil.ReadFile(p)
+ data, err = os.ReadFile(p)
 if err != nil {
 return
 }
- block, data := pem.Decode(data)
- if block == nil {
- err = errors.New("can not decode PEM")
- return
- }
- data = block.Bytes
- switch block.Type {
- case "PRIVATE KEY":
- prv, err = x509.ParsePKCS8PrivateKey(data)
- case "EC PRIVATE KEY":
- prv, err = x509.ParseECPrivateKey(data)
- default:
- err = errors.New("non PRIVATE KEY found in PEM")
+ var block *pem.Block
+ for len(data) > 0 {
+ block, data = pem.Decode(data)
+ if block == nil {
+ continue
+ }
+ switch block.Type {
+ case "PRIVATE KEY":
+ prv, err = x509.ParsePKCS8PrivateKey(block.Bytes)
+ return
+ case "EC PRIVATE KEY":
+ prv, err = x509.ParseECPrivateKey(block.Bytes)
+ return
+ }
 }
+ err = errors.New("no PRIVATE KEY found in PEM")
 return
 }

 func CertPoolFromFile(p string) (certs []*x509.Certificate, pool *x509.CertPool, err error) {
 var data []byte
- data, err = ioutil.ReadFile(p)
+ data, err = os.ReadFile(p)
 if err != nil {
 return
 }
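Review bot: The `continue` taken when `block == nil` in the new loop of CertificateFromFile never terminates once the remaining input holds no further PEM block, because `pem.Decode` then returns the whole input unchanged as the remainder and `len(data) > 0` stays true. A file that is DER-encoded, truncated, or carries non-PEM bytes after a non-matching block would make the caller spin instead of reaching the `no CERTIFICATE found in PEM` error. Replace it with `break` so the function falls through to that error; the loop in PrivateKeyFromFile has the same `continue` and needs the same change. CertPoolFromFile's body continues outside the hunk, so whether it shares the pattern cannot be judged from here.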