loadany.go

Documentation: github.com/sassoftware/relic/lib/certloader

     1  //
     2  // Copyright (c) SAS Institute Inc.
     3  //
     4  // Licensed under the Apache License, Version 2.0 (the "License");
     5  // you may not use this file except in compliance with the License.
     6  // You may obtain a copy of the License at
     7  //
     8  //     http://www.apache.org/licenses/LICENSE-2.0
     9  //
    10  // Unless required by applicable law or agreed to in writing, software
    11  // distributed under the License is distributed on an "AS IS" BASIS,
    12  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  // See the License for the specific language governing permissions and
    14  // limitations under the License.
    15  //
    16  
    17  package certloader
    18  
    19  import (
    20  	"bytes"
    21  	"crypto/x509"
    22  	"fmt"
    23  	"io"
    24  	"io/ioutil"
    25  
    26  	"golang.org/x/crypto/openpgp"
    27  	"golang.org/x/crypto/openpgp/armor"
    28  )
    29  
    30  type AnyCerts struct {
    31  	X509Certs []*x509.Certificate
    32  	PGPCerts  openpgp.EntityList
    33  }
    34  
    35  // Load X509 and/or PGP certificates from the named file paths
    36  func LoadAnyCerts(paths []string) (any AnyCerts, err error) {
    37  	for _, path := range paths {
    38  		blob, err := ioutil.ReadFile(path)
    39  		if err != nil {
    40  			return any, err
    41  		}
    42  		x509certs, err := parseCertificates(blob)
    43  		if err == nil {
    44  			any.X509Certs = append(any.X509Certs, x509certs.Certificates...)
    45  			continue
    46  		} else if err != ErrNoCerts {
    47  			return any, fmt.Errorf("%s: %s", path, err)
    48  		}
    49  		pgpcerts, err := parsePGP(blob)
    50  		if err == nil {
    51  			any.PGPCerts = append(any.PGPCerts, pgpcerts...)
    52  		} else {
    53  			return any, fmt.Errorf("%s: %s", path, err)
    54  		}
    55  	}
    56  	return any, nil
    57  }
    58  
    59  // Parse one or more PGP certificates from the given possibly-armored blob
    60  func parsePGP(blob []byte) (openpgp.EntityList, error) {
    61  	reader := io.Reader(bytes.NewReader(blob))
    62  	if blob[0] == '-' {
    63  		block, err := armor.Decode(reader)
    64  		if err != nil {
    65  			return nil, err
    66  		}
    67  		reader = block.Body
    68  	}
    69  	return openpgp.ReadKeyRing(reader)
    70  }
    71
View as plain text