LoadCertificate returns a x509.Certificate from a kms or file
(kmsURI, certPath string)
| 88 | |
| 89 | // LoadCertificate returns a x509.Certificate from a kms or file |
| 90 | func LoadCertificate(kmsURI, certPath string) ([]*x509.Certificate, error) { |
| 91 | if isFilename(certPath) { |
| 92 | s, err := pemutil.ReadCertificateBundle(certPath) |
| 93 | if err != nil { |
| 94 | return nil, fmt.Errorf("file %s does not contain a valid certificate: %w", certPath, err) |
| 95 | } |
| 96 | return s, nil |
| 97 | } |
| 98 | |
| 99 | name, err := plugin.LookPath("kms") |
| 100 | if err != nil { |
| 101 | return nil, err |
| 102 | } |
| 103 | |
| 104 | args := []string{"certificate"} |
| 105 | if kmsURI != "" { |
| 106 | args = append(args, "--kms", kmsURI) |
| 107 | } |
| 108 | args = append(args, certPath) |
| 109 | |
| 110 | // Get public key |
| 111 | cmd := exec.Command(name, args...) |
| 112 | out, err := cmd.Output() |
| 113 | if err != nil { |
| 114 | return nil, exitError(cmd, err) |
| 115 | } |
| 116 | |
| 117 | cert, err := pemutil.ParseCertificateBundle(out) |
| 118 | if err != nil { |
| 119 | return nil, err |
| 120 | } |
| 121 | |
| 122 | return cert, nil |
| 123 | } |
| 124 | |
| 125 | // LoadJSONWebKey returns a jose.JSONWebKey from a KMS or a file. |
| 126 | func LoadJSONWebKey(kmsURI, name string, opts ...jose.Option) (*jose.JSONWebKey, error) { |
no test coverage detected
searching dependent graphs…