PEMDecodePrivateKey loads a PEM-encoded ECC/RSA private key from an array of bytes. Borrowed from Go standard library, to handle various private key and PEM block types.
(keyPEMBytes []byte)
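// PEMDecodePrivateKey loads a PEM-encoded private key from a byte slice and
// returns it as a crypto.Signer.
//
// Accepted encodings are PKCS#1 (RSA), PKCS#8 (RSA, ECDSA, Ed25519) and SEC 1
// (ECDSA). Only the first PEM block in keyPEMBytes is examined; any data after
// it is ignored. Passphrase-protected keys are not supported and are rejected
// with an explicit error instead of a generic parse failure.
//
// Borrowed from Go standard library, to handle various private key and PEM block types.
func PEMDecodePrivateKey(keyPEMBytes []byte) (crypto.Signer, error) {
	// Modified from original:
	// https://github.com/golang/go/blob/693748e9fa385f1e2c3b91ca9acbb6c0ad2d133d/src/crypto/tls/tls.go#L291-L308
	// https://github.com/golang/go/blob/693748e9fa385f1e2c3b91ca9acbb6c0ad2d133d/src/crypto/tls/tls.go#L238

	// The remainder returned by pem.Decode is discarded on purpose: callers
	// are expected to pass a single key, so later blocks are never inspected.
	keyBlockDER, _ := pem.Decode(keyPEMBytes)
	if keyBlockDER == nil {
		return nil, fmt.Errorf("failed to decode PEM block containing private key")
	}

	if keyBlockDER.Type != "PRIVATE KEY" && !strings.HasSuffix(keyBlockDER.Type, " PRIVATE KEY") {
		return nil, fmt.Errorf("unknown PEM header %q", keyBlockDER.Type)
	}

	// "ENCRYPTED PRIVATE KEY" (PKCS#8) satisfies the suffix check above, and
	// legacy OpenSSL encryption keeps the plain block type while adding a
	// DEK-Info header. Neither can be parsed without a passphrase, so say so
	// explicitly; otherwise the caller only sees "unknown private key type".
	// The message carries the block type only, never key bytes.
	if _, legacy := keyBlockDER.Headers["DEK-Info"]; legacy || keyBlockDER.Type == "ENCRYPTED PRIVATE KEY" {
		return nil, fmt.Errorf("encrypted private key in PEM block %q is not supported", keyBlockDER.Type)
	}

	// The PEM label is not trusted to pick the parser; each encoding is tried
	// in turn, in the same order as the standard library.
	if key, err := x509.ParsePKCS1PrivateKey(keyBlockDER.Bytes); err == nil {
		return key, nil
	}

	if key, err := x509.ParsePKCS8PrivateKey(keyBlockDER.Bytes); err == nil {
		switch key := key.(type) {
		case *rsa.PrivateKey, *ecdsa.PrivateKey, ed25519.PrivateKey:
			// All three concrete types implement crypto.Signer, so the
			// assertion cannot panic.
			return key.(crypto.Signer), nil
		default:
			// Valid PKCS#8, but a key type this function does not return.
			// Only the Go type name is reported.
			return nil, fmt.Errorf("found unknown private key type in PKCS#8 wrapping: %T", key)
		}
	}

	if key, err := x509.ParseECPrivateKey(keyBlockDER.Bytes); err == nil {
		return key, nil
	}

	return nil, fmt.Errorf("unknown private key type")
}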
| 109 | |
| 110 | // parseCertsFromPEMBundle parses a certificate bundle from top to bottom and returns |
| 111 | // a slice of x509 certificates. This function will error if no certificates are found. |