add proper pem interface
This should finally resolve the completely broken and wrong API to get a pem representation of a resource.
This commit is contained in:
parent
fd88bca287
commit
b6c44317f5
|
@ -81,10 +81,18 @@ func LoadCertificateSignRequest(raw []byte) (*CertificateRequest, error) {
|
|||
return (*CertificateRequest)(csr), nil
|
||||
}
|
||||
|
||||
// ToPem returns a pem.Block representing the CertificateRequest.
|
||||
func (c *CertificateRequest) ToPem() (pem.Block, error) {
|
||||
return pem.Block{Type: PemLabelCertificateRequest, Bytes: c.Raw}, nil
|
||||
}
|
||||
|
||||
// Return the certificate sign request as a pem block.
|
||||
func (c *CertificateRequest) MarshalPem() (io.WriterTo, error) {
|
||||
block := &pem.Block{Type: PemLabelCertificateRequest, Bytes: c.Raw}
|
||||
return marshalledPemBlock(pem.EncodeToMemory(block)), nil
|
||||
if block, err := c.ToPem(); err != nil {
|
||||
return nil, err
|
||||
} else {
|
||||
return marshalledPemBlock(pem.EncodeToMemory(&block)), nil
|
||||
}
|
||||
}
|
||||
|
||||
// Convert the certificate sign request to a certificate using the private key
|
||||
|
@ -152,8 +160,16 @@ func LoadCertificate(raw []byte) (*Certificate, error) {
|
|||
|
||||
// marshal the certificate to a pem block
|
||||
func (c *Certificate) MarshalPem() (io.WriterTo, error) {
|
||||
block := &pem.Block{Type: PemLabelCertificate, Bytes: c.Raw}
|
||||
return marshalledPemBlock(pem.EncodeToMemory(block)), nil
|
||||
if block, err := c.ToPem(); err != nil {
|
||||
return nil, err
|
||||
} else {
|
||||
return marshalledPemBlock(pem.EncodeToMemory(&block)), nil
|
||||
}
|
||||
}
|
||||
|
||||
// ToPem returns the pem block of the certificate.
|
||||
func (c *Certificate) ToPem() (pem.Block, error) {
|
||||
return pem.Block{Type: PemLabelCertificate, Bytes: c.Raw}, nil
|
||||
}
|
||||
|
||||
// Check if the certificate options have the required fields set.
|
||||
|
|
12
ecdsa.go
12
ecdsa.go
|
@ -78,14 +78,22 @@ func (pr EcdsaPrivateKey) PrivateKey() crypto.PrivateKey {
|
|||
// This function implements the Pemmer interface to marshal the private key
|
||||
// into a pem block.
|
||||
func (pr EcdsaPrivateKey) MarshalPem() (io.WriterTo, error) {
|
||||
asn1, err := x509.MarshalECPrivateKey(pr.private_key)
|
||||
pem_block, err := pr.ToPem()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
pem_block := pem.Block{Type: PemLabelEcdsa, Bytes: asn1}
|
||||
return marshalledPemBlock(pem.EncodeToMemory(&pem_block)), nil
|
||||
}
|
||||
|
||||
// This function implements ToPem to return the raw pem block.
|
||||
func (pr EcdsaPrivateKey) ToPem() (pem.Block, error) {
|
||||
asn1, err := x509.MarshalECPrivateKey(pr.private_key)
|
||||
if err != nil {
|
||||
return pem.Block{}, err
|
||||
}
|
||||
return pem.Block{Type: PemLabelEcdsa, Bytes: asn1}, nil
|
||||
}
|
||||
|
||||
// This functoin loads an ecdsa public key from the asn.1 representation.
|
||||
func LoadPublicKeyEcdsa(raw []byte) (*EcdsaPublicKey, error) {
|
||||
raw_pub, err := x509.ParsePKIXPublicKey(raw)
|
||||
|
|
|
@ -70,10 +70,17 @@ func (pr *Ed25519PrivateKey) Sign(message []byte, hash crypto.Hash) ([]byte, err
|
|||
|
||||
// Export the private key into the Pem format.
|
||||
func (pr Ed25519PrivateKey) MarshalPem() (io.WriterTo, error) {
|
||||
pem_block := pem.Block{Type: PemLabelEd25519, Bytes: pr.private_key[:]}
|
||||
pem_block, err := pr.ToPem()
|
||||
if err != nil { // it does not currently return an error, but maybe that will change
|
||||
return nil, err
|
||||
}
|
||||
return marshalledPemBlock(pem.EncodeToMemory(&pem_block)), nil
|
||||
}
|
||||
|
||||
func (pr Ed25519PrivateKey) ToPem() (pem.Block, error) {
|
||||
return pem.Block{Type: PemLabelEd25519, Bytes: pr.private_key[:]}, nil
|
||||
}
|
||||
|
||||
// Load the public key from a raw byte stream.
|
||||
// TODO should this be read from ASN.1? All other functions do that.
|
||||
func LoadPublicKeyEd25519(raw []byte) (*Ed25519PublicKey, error) {
|
||||
|
|
13
rsa.go
13
rsa.go
|
@ -61,11 +61,20 @@ func (pr RsaPrivateKey) PrivateKey() crypto.PrivateKey {
|
|||
}
|
||||
|
||||
func (pr RsaPrivateKey) MarshalPem() (io.WriterTo, error) {
|
||||
asn1 := x509.MarshalPKCS1PrivateKey(pr.private_key)
|
||||
pem_block := pem.Block{Type: PemLabelRsa, Bytes: asn1}
|
||||
pem_block, err := pr.ToPem()
|
||||
if err != nil { // it does not currently return an error, but maybe that will change
|
||||
return nil, err
|
||||
}
|
||||
return marshalledPemBlock(pem.EncodeToMemory(&pem_block)), nil
|
||||
}
|
||||
|
||||
func (pr RsaPrivateKey) ToPem() (pem.Block, error) {
|
||||
return pem.Block{
|
||||
Type: PemLabelRsa,
|
||||
Bytes: x509.MarshalPKCS1PrivateKey(pr.private_key),
|
||||
}, nil
|
||||
}
|
||||
|
||||
// restore a rsa public key
|
||||
func LoadPublicKeyRsa(raw []byte) (*RsaPublicKey, error) {
|
||||
pub := &RsaPublicKey{}
|
||||
|
|
10
types.go
10
types.go
|
@ -16,6 +16,7 @@ package pki
|
|||
|
||||
import (
|
||||
"crypto"
|
||||
"encoding/pem"
|
||||
"io"
|
||||
)
|
||||
|
||||
|
@ -35,6 +36,9 @@ type (
|
|||
|
||||
// Return the original go structure of the private key.
|
||||
PrivateKey() crypto.PrivateKey
|
||||
|
||||
// ToPem must return a pem block of the private key.
|
||||
ToPem() (pem.Block, error)
|
||||
}
|
||||
|
||||
// PublicKey is used by the different crypto implementations to provide the
|
||||
|
@ -52,4 +56,10 @@ type (
|
|||
Pemmer interface {
|
||||
MarshalPem() (io.WriterTo, error)
|
||||
}
|
||||
|
||||
// ToPem returns the raw pem block to make it possible to write the result to
|
||||
// any place.
|
||||
PemOutput interface {
|
||||
ToPem() (pem.Block, error)
|
||||
}
|
||||
)
|
||||
|
|
Loading…
Reference in New Issue