MCPcopy Index your code
hub / github.com/smallstep/cli / parseSCEPDecrypterCertificate

Function parseSCEPDecrypterCertificate

command/ca/provisioner/add.go:1008–1025  ·  view source on GitHub ↗
(filename string)

Source from the content-addressed store, hash-verified

1006}
1007
1008func parseSCEPDecrypterCertificate(filename string) ([]byte, error) {
1009 certs, err := pemutil.ReadCertificateBundle(filename)
1010 if err != nil {
1011 return nil, fmt.Errorf("failed reading certificate from %q: %w", filename, err)
1012 }
1013 if len(certs) == 0 {
1014 return nil, fmt.Errorf("no certificates found in %q", filename)
1015 }
1016 // TODO(hs): implement validation, such as key usage?
1017 buf := bytes.Buffer{}
1018 if err = pem.Encode(&buf, &pem.Block{
1019 Type: "CERTIFICATE",
1020 Bytes: certs[0].Raw, // assumes the bundle is a certificate chain; using first cert as decrypter
1021 }); err != nil {
1022 return nil, fmt.Errorf("failed encoding certificate: %w", err)
1023 }
1024 return buf.Bytes(), nil
1025}
1026
1027func readSCEPDecrypterKey(filename string) ([]byte, error) {
1028 b, err := os.ReadFile(filename)

Callers 2

updateSCEPDetailsFunction · 0.85
createSCEPDetailsFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…