(filename string)
| 1006 | } |
| 1007 | |
// parseSCEPDecrypterCertificate loads the certificates stored in filename via
// pemutil.ReadCertificateBundle and returns the first one, re-encoded as a
// single PEM "CERTIFICATE" block.
//
// An error is returned when the bundle cannot be read, when it holds no
// certificates, or when PEM encoding fails. Any certificates after the first
// are ignored without notice.
func parseSCEPDecrypterCertificate(filename string) ([]byte, error) {
	bundle, err := pemutil.ReadCertificateBundle(filename)
	switch {
	case err != nil:
		return nil, fmt.Errorf("failed reading certificate from %q: %w", filename, err)
	case len(bundle) == 0:
		return nil, fmt.Errorf("no certificates found in %q", filename)
	}

	// TODO(hs): implement validation, such as key usage?
	// NOTE(review): this function performs no checks on the selected
	// certificate (key usage, validity period, or that it matches the
	// decrypter key). Confirm whether a caller enforces these before the
	// certificate is used for SCEP decryption.

	// The bundle is assumed to be a chain ordered leaf-first, so the first
	// entry is taken as the decrypter certificate.
	leaf := bundle[0]
	block := &pem.Block{
		Type:  "CERTIFICATE",
		Bytes: leaf.Raw,
	}

	var out bytes.Buffer
	if encErr := pem.Encode(&out, block); encErr != nil {
		return nil, fmt.Errorf("failed encoding certificate: %w", encErr)
	}
	return out.Bytes(), nil
}
| 1026 | |
| 1027 | func readSCEPDecrypterKey(filename string) ([]byte, error) { |
| 1028 | b, err := os.ReadFile(filename) |