MCPcopy
hub / github.com/cloudflare/cloudflared / decodeOriginCert

Function decodeOriginCert

credentials/origin_cert.go:83–111  ·  view source on GitHub ↗
(blocks []byte)

Source from the content-addressed store, hash-verified

81}
82
83func decodeOriginCert(blocks []byte) (*OriginCert, error) {
84 if len(blocks) == 0 {
85 return nil, fmt.Errorf("cannot decode empty certificate")
86 }
87 originCert := OriginCert{}
88 block, rest := pem.Decode(blocks)
89 for block != nil {
90 switch block.Type {
91 case "PRIVATE KEY", "CERTIFICATE":
92 // this is for legacy purposes.
93 case "ARGO TUNNEL TOKEN":
94 if originCert.ZoneID != "" || originCert.APIToken != "" {
95 return nil, fmt.Errorf("found multiple tokens in the certificate")
96 }
97 // The token is a string,
98 // Try the newer JSON format
99 _ = json.Unmarshal(block.Bytes, &originCert)
100 default:
101 return nil, fmt.Errorf("unknown block %s in the certificate", block.Type)
102 }
103 block, rest = pem.Decode(rest)
104 }
105
106 if originCert.ZoneID == "" || originCert.APIToken == "" {
107 return nil, fmt.Errorf("missing token in the certificate")
108 }
109
110 return &originCert, nil
111}
112
113func readOriginCert(originCertPath string) ([]byte, error) {
114 originCert, err := os.ReadFile(originCertPath)

Callers 5

ReadFunction · 0.85
DecodeOriginCertFunction · 0.85
TestLoadOriginCertFunction · 0.85

Calls 3

ErrorfMethod · 0.80
DecodeMethod · 0.45
UnmarshalMethod · 0.45

Tested by 3

TestLoadOriginCertFunction · 0.68