MCPcopy
hub / github.com/cert-manager/cert-manager / SafeDecodePrivateKey

Function SafeDecodePrivateKey

internal/pem/decode.go:186–188  ·  view source on GitHub ↗

SafeDecodePrivateKey calls [encoding/pem.Decode] on the given input as long as it's within a sensible range for how large we expect a private key to be. The baseline is a 16k-bit RSA private key, which is larger than the maximum supported by cert-manager for key generation.

(b []byte)

Source from the content-addressed store, hash-verified

184// how large we expect a private key to be. The baseline is a 16k-bit RSA private key, which is larger than the maximum
185// supported by cert-manager for key generation.
186func SafeDecodePrivateKey(b []byte) (*stdpem.Block, []byte, error) {
187 return safeDecodeInternal(b, GetGlobalSizeLimits().MaxPrivateKeySize)
188}
189
190// SafeDecodeCSR calls [encoding/pem.Decode] on the given input as long as it's within a sensible range for
191// how large we expect a single PEM-encoded PKCS#10 CSR to be.

Callers 7

Test_ensureSecretDataFunction · 0.92
Test_SecretsManagerFunction · 0.92
TestPrivateKeyEncodingsFunction · 0.92
DecodePrivateKeyBytesFunction · 0.92
OutputFormatDERFunction · 0.92
TestFuzzDataFunction · 0.85

Calls 2

safeDecodeInternalFunction · 0.85
GetGlobalSizeLimitsFunction · 0.85

Tested by 5

Test_ensureSecretDataFunction · 0.74
Test_SecretsManagerFunction · 0.74
TestPrivateKeyEncodingsFunction · 0.74
TestFuzzDataFunction · 0.68

Used in the wild real call sites across dependent graphs

searching dependent graphs…