Raised copyright years
diff --git a/x509.go b/x509.go
index 8a5dd4eac910799dbb545a602184a4883fb15521..c8d9f9e1c234774f991c5127a567ce9c6da18d19 100644 (file)
--- a/x509.go
+++ b/x509.go
@@ -1,6 +1,6 @@
 /*
 ucspi -- UCSPI-related utilities
-Copyright (C) 2021 Sergey Matveev <stargrave@stargrave.org>
+Copyright (C) 2021-2022 Sergey Matveev <stargrave@stargrave.org>
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -30,17 +30,19 @@ func CertificateFromFile(p string) (b []byte, c *x509.Certificate, err error) {
        if err != nil {
                return
        }
-       block, data := pem.Decode(data)
-       if block == nil {
-               err = errors.New("can not decode PEM")
-               return
-       }
-       if block.Type != "CERTIFICATE" {
-               err = errors.New("non CERTIFICATE found in PEM")
-               return
+       var block *pem.Block
+       for len(data) > 0 {
+               block, data = pem.Decode(data)
+               if block == nil {
+                       continue
+               }
+               if block.Type == "CERTIFICATE" {
+                       b = block.Bytes
+                       c, err = x509.ParseCertificate(b)
+                       return
+               }
        }
-       b = block.Bytes
-       c, err = x509.ParseCertificate(b)
+       err = errors.New("no CERTIFICATE found in PEM")
        return
 }
 
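Review bot: The `continue` taken when `block == nil` in the new loop of CertificateFromFile can spin forever. pem.Decode returns the whole input unchanged as the remainder when it finds no PEM block, so `len(data) > 0` stays true and the loop never ends on a file with no PEM data, or with stray bytes left after the last block when no CERTIFICATE was found. Replacing it with `if block == nil { break }` lets control reach the `no CERTIFICATE found in PEM` error. The loop added to PrivateKeyFromFile in the next hunk has the same defect and needs the same change. The opening lines of the function are outside this hunk.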
@@ -50,24 +52,26 @@ func PrivateKeyFromFile(p string) (prv interface{}, err error) {
        if err != nil {
                return
        }
-       block, data := pem.Decode(data)
-       if block == nil {
-               err = errors.New("can not decode PEM")
-               return
-       }
-       data = block.Bytes
-       switch block.Type {
-       case "PRIVATE KEY":
-               prv, err = x509.ParsePKCS8PrivateKey(data)
-       case "EC PRIVATE KEY":
-               prv, err = x509.ParseECPrivateKey(data)
-       default:
-               err = errors.New("non PRIVATE KEY found in PEM")
+       var block *pem.Block
+       for len(data) > 0 {
+               block, data = pem.Decode(data)
+               if block == nil {
+                       continue
+               }
+               switch block.Type {
+               case "PRIVATE KEY":
+                       prv, err = x509.ParsePKCS8PrivateKey(block.Bytes)
+                       return
+               case "EC PRIVATE KEY":
+                       prv, err = x509.ParseECPrivateKey(block.Bytes)
+                       return
+               }
        }
+       err = errors.New("no PRIVATE KEY found in PEM")
        return
 }
 
-func CertPoolFromFile(p string) (pool *x509.CertPool, err error) {
+func CertPoolFromFile(p string) (certs []*x509.Certificate, pool *x509.CertPool, err error) {
        var data []byte
        data, err = ioutil.ReadFile(p)
        if err != nil {
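Review bot: PrivateKeyFromFile now silently skips every block whose type is not `PRIVATE KEY` or `EC PRIVATE KEY`. A file that holds only some other key encoding therefore ends in the generic `no PRIVATE KEY found in PEM`, with no hint of what was actually seen. A doc comment would make the first-match contract explicit, for example `// PrivateKeyFromFile returns the first PKCS#8 or EC private key found in the PEM file p; blocks of other types are skipped.` The new `certs` result of CertPoolFromFile deserves a similar one-line doc comment saying it lists the certificates that were added to the pool. Both function bodies begin or continue outside this hunk.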
@@ -90,6 +94,7 @@ func CertPoolFromFile(p string) (pool *x509.CertPool, err error) {
                if err != nil {
                        return
                }
+               certs = append(certs, ca)
                pool.AddCert(ca)
        }
        return