add proper pem interface
This should finally resolve the completely broken and wrong API to get a pem representation of a resource.
parent
fd88bca287
commit
b6c44317f5
|
@ -81,10 +81,18 @@ func LoadCertificateSignRequest(raw []byte) (*CertificateRequest, error) {
|
||||||
return (*CertificateRequest)(csr), nil
|
return (*CertificateRequest)(csr), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ToPem returns a pem.Block representing the CertificateRequest.
|
||||||
|
func (c *CertificateRequest) ToPem() (pem.Block, error) {
|
||||||
|
return pem.Block{Type: PemLabelCertificateRequest, Bytes: c.Raw}, nil
|
||||||
|
}
|
||||||
|
|
||||||
// Return the certificate sign request as a pem block.
|
// Return the certificate sign request as a pem block.
|
||||||
func (c *CertificateRequest) MarshalPem() (io.WriterTo, error) {
|
func (c *CertificateRequest) MarshalPem() (io.WriterTo, error) {
|
||||||
block := &pem.Block{Type: PemLabelCertificateRequest, Bytes: c.Raw}
|
if block, err := c.ToPem(); err != nil {
|
||||||
return marshalledPemBlock(pem.EncodeToMemory(block)), nil
|
return nil, err
|
||||||
|
} else {
|
||||||
|
return marshalledPemBlock(pem.EncodeToMemory(&block)), nil
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Convert the certificate sign request to a certificate using the private key
|
// Convert the certificate sign request to a certificate using the private key
|
||||||
|
@ -152,8 +160,16 @@ func LoadCertificate(raw []byte) (*Certificate, error) {
|
||||||
|
|
||||||
// marshal the certificate to a pem block
|
// marshal the certificate to a pem block
|
||||||
func (c *Certificate) MarshalPem() (io.WriterTo, error) {
|
func (c *Certificate) MarshalPem() (io.WriterTo, error) {
|
||||||
block := &pem.Block{Type: PemLabelCertificate, Bytes: c.Raw}
|
if block, err := c.ToPem(); err != nil {
|
||||||
return marshalledPemBlock(pem.EncodeToMemory(block)), nil
|
return nil, err
|
||||||
|
} else {
|
||||||
|
return marshalledPemBlock(pem.EncodeToMemory(&block)), nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// ToPem returns the pem block of the certificate.
|
||||||
|
func (c *Certificate) ToPem() (pem.Block, error) {
|
||||||
|
return pem.Block{Type: PemLabelCertificate, Bytes: c.Raw}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if the certificate options have the required fields set.
|
// Check if the certificate options have the required fields set.
|
||||||
|
|
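Review bot: Both new `ToPem` methods in this file place `c.Raw` directly in the returned block (`Bytes: c.Raw`), so the exported `pem.Block` shares its backing array with the parsed certificate or request, and a caller that edits `block.Bytes` in place also changes the object's DER. Before this change the block never left `MarshalPem`. Either copy on the way out, `Bytes: append([]byte(nil), c.Raw...)`, or state in the doc comment that the bytes must be treated as read-only. `Ed25519PrivateKey.ToPem` has the same shape with `pr.private_key[:]`, which may alias the key depending on how that field is declared. The `if … else` around the return in both `MarshalPem` bodies could also be flattened to the early-return form used in the key files.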
12
ecdsa.go
12
ecdsa.go
|
@ -78,14 +78,22 @@ func (pr EcdsaPrivateKey) PrivateKey() crypto.PrivateKey {
|
||||||
// This function implements the Pemmer interface to marshal the private key
|
// This function implements the Pemmer interface to marshal the private key
|
||||||
// into a pem block.
|
// into a pem block.
|
||||||
func (pr EcdsaPrivateKey) MarshalPem() (io.WriterTo, error) {
|
func (pr EcdsaPrivateKey) MarshalPem() (io.WriterTo, error) {
|
||||||
asn1, err := x509.MarshalECPrivateKey(pr.private_key)
|
pem_block, err := pr.ToPem()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
pem_block := pem.Block{Type: PemLabelEcdsa, Bytes: asn1}
|
|
||||||
return marshalledPemBlock(pem.EncodeToMemory(&pem_block)), nil
|
return marshalledPemBlock(pem.EncodeToMemory(&pem_block)), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// This function implements ToPem to return the raw pem block.
|
||||||
|
func (pr EcdsaPrivateKey) ToPem() (pem.Block, error) {
|
||||||
|
asn1, err := x509.MarshalECPrivateKey(pr.private_key)
|
||||||
|
if err != nil {
|
||||||
|
return pem.Block{}, err
|
||||||
|
}
|
||||||
|
return pem.Block{Type: PemLabelEcdsa, Bytes: asn1}, nil
|
||||||
|
}
|
||||||
|
|
||||||
// This functoin loads an ecdsa public key from the asn.1 representation.
|
// This functoin loads an ecdsa public key from the asn.1 representation.
|
||||||
func LoadPublicKeyEcdsa(raw []byte) (*EcdsaPublicKey, error) {
|
func LoadPublicKeyEcdsa(raw []byte) (*EcdsaPublicKey, error) {
|
||||||
raw_pub, err := x509.ParsePKIXPublicKey(raw)
|
raw_pub, err := x509.ParsePKIXPublicKey(raw)
|
||||||
|
|
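Review bot: The doc comment on `EcdsaPrivateKey.ToPem` does not say that the returned block carries the unencrypted private key, which matters now that `ToPem` is meant to let callers write the result to any place. I would word it as `// ToPem returns the private key as an unencrypted pem.Block (SEC 1 DER from x509.MarshalECPrivateKey); the caller must protect wherever it is written.` The `ToPem` methods added for `Ed25519PrivateKey` and `RsaPrivateKey` have no doc comment at all and need the same statement.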
|
@ -70,10 +70,17 @@ func (pr *Ed25519PrivateKey) Sign(message []byte, hash crypto.Hash) ([]byte, err
|
||||||
|
|
||||||
// Export the private key into the Pem format.
|
// Export the private key into the Pem format.
|
||||||
func (pr Ed25519PrivateKey) MarshalPem() (io.WriterTo, error) {
|
func (pr Ed25519PrivateKey) MarshalPem() (io.WriterTo, error) {
|
||||||
pem_block := pem.Block{Type: PemLabelEd25519, Bytes: pr.private_key[:]}
|
pem_block, err := pr.ToPem()
|
||||||
|
if err != nil { // it does not currently return an error, but maybe that will change
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
return marshalledPemBlock(pem.EncodeToMemory(&pem_block)), nil
|
return marshalledPemBlock(pem.EncodeToMemory(&pem_block)), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (pr Ed25519PrivateKey) ToPem() (pem.Block, error) {
|
||||||
|
return pem.Block{Type: PemLabelEd25519, Bytes: pr.private_key[:]}, nil
|
||||||
|
}
|
||||||
|
|
||||||
// Load the public key from a raw byte stream.
|
// Load the public key from a raw byte stream.
|
||||||
// TODO should this be read from ASN.1? All other functions do that.
|
// TODO should this be read from ASN.1? All other functions do that.
|
||||||
func LoadPublicKeyEd25519(raw []byte) (*Ed25519PublicKey, error) {
|
func LoadPublicKeyEd25519(raw []byte) (*Ed25519PublicKey, error) {
|
||||||
|
|
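Review bot: `Ed25519PrivateKey.ToPem` exports `pr.private_key[:]` as the block payload, i.e. the raw key bytes, while the ECDSA and RSA variants go through an `x509` marshaller. Now that the block is handed to arbitrary callers, the method's doc comment should say that the payload is not ASN.1/PKCS#8, otherwise consumers will presumably try the standard `x509` parsers on it and fail. Something like `// ToPem returns the raw (non-ASN.1) private key bytes in a pem.Block.` would do. The existing TODO on `LoadPublicKeyEd25519` records the same inconsistency for the public key.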
13
rsa.go
13
rsa.go
|
@ -61,11 +61,20 @@ func (pr RsaPrivateKey) PrivateKey() crypto.PrivateKey {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (pr RsaPrivateKey) MarshalPem() (io.WriterTo, error) {
|
func (pr RsaPrivateKey) MarshalPem() (io.WriterTo, error) {
|
||||||
asn1 := x509.MarshalPKCS1PrivateKey(pr.private_key)
|
pem_block, err := pr.ToPem()
|
||||||
pem_block := pem.Block{Type: PemLabelRsa, Bytes: asn1}
|
if err != nil { // it does not currently return an error, but maybe that will change
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
return marshalledPemBlock(pem.EncodeToMemory(&pem_block)), nil
|
return marshalledPemBlock(pem.EncodeToMemory(&pem_block)), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (pr RsaPrivateKey) ToPem() (pem.Block, error) {
|
||||||
|
return pem.Block{
|
||||||
|
Type: PemLabelRsa,
|
||||||
|
Bytes: x509.MarshalPKCS1PrivateKey(pr.private_key),
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
// restore a rsa public key
|
// restore a rsa public key
|
||||||
func LoadPublicKeyRsa(raw []byte) (*RsaPublicKey, error) {
|
func LoadPublicKeyRsa(raw []byte) (*RsaPublicKey, error) {
|
||||||
pub := &RsaPublicKey{}
|
pub := &RsaPublicKey{}
|
||||||
|
|
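Review bot: `RsaPrivateKey.MarshalPem` is now the same three steps as the other four `MarshalPem` bodies in this commit (call `ToPem`, return the error, encode the block), so the error handling around key material is written five times and has already diverged in form (`if … else` in the certificate types, early return here). A single unexported helper taking a `PemOutput` would keep the encode path in one place and make the `// it does not currently return an error` comments unnecessary. The helper below assumes `marshalledPemBlock` keeps accepting the `[]byte` from `pem.EncodeToMemory`, as it does in the hunk.

```go
// marshalPem encodes the block produced by p.ToPem.
func marshalPem(p PemOutput) (io.WriterTo, error) {
	block, err := p.ToPem()
	if err != nil {
		return nil, err
	}
	return marshalledPemBlock(pem.EncodeToMemory(&block)), nil
}

func (pr RsaPrivateKey) MarshalPem() (io.WriterTo, error) {
	return marshalPem(pr)
}
```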
10
types.go
10
types.go
|
@ -16,6 +16,7 @@ package pki
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto"
|
"crypto"
|
||||||
|
"encoding/pem"
|
||||||
"io"
|
"io"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -35,6 +36,9 @@ type (
|
||||||
|
|
||||||
// Return the original go structure of the private key.
|
// Return the original go structure of the private key.
|
||||||
PrivateKey() crypto.PrivateKey
|
PrivateKey() crypto.PrivateKey
|
||||||
|
|
||||||
|
// ToPem must return a pem block of the private key.
|
||||||
|
ToPem() (pem.Block, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
// PublicKey is used by the different crypto implementations to provide the
|
// PublicKey is used by the different crypto implementations to provide the
|
||||||
|
@ -52,4 +56,10 @@ type (
|
||||||
Pemmer interface {
|
Pemmer interface {
|
||||||
MarshalPem() (io.WriterTo, error)
|
MarshalPem() (io.WriterTo, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ToPem returns the raw pem block to make it possible to write the result to
|
||||||
|
// any place.
|
||||||
|
PemOutput interface {
|
||||||
|
ToPem() (pem.Block, error)
|
||||||
|
}
|
||||||
)
|
)
|
||||||
|
|
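Review bot: The comment above `PemOutput` starts with `ToPem returns …`, so it documents the method rather than the type, and the same `ToPem() (pem.Block, error)` signature is spelled out a second time inside `PrivateKey`, whose declaration starts above the hunk. I would open the type comment with its name, `// PemOutput is implemented by everything that can render itself as a raw pem.Block.`, and move the existing sentence onto the method. Embedding `PemOutput` in `PrivateKey` instead of repeating the signature would keep the two from drifting. Adding a method to `PrivateKey` also breaks any implementation outside this package, which deserves a mention if the interface is meant to be implemented elsewhere.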