upstream/webhookd
1
0
Fork 0
mirror of https://github.com/ncarlier/webhookd.git synced 2025-04-06 15:35:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
f2054d2dc4
webhookd/pkg/truststore/pem_truststore.go
Nicolas Carlier f2054d2dc4 feat(signature): signature refactoring 
- add ed5519 HTTP signature support
- refactor truststore package
- add P12 trust store support

close #72
2022-12-29 17:14:28 +00:00

58 lines
1.1 KiB
Go
Raw Blame History

package truststore
import (
"crypto"
"crypto/x509"
"encoding/pem"
"fmt"
"io/ioutil"
"github.com/ncarlier/webhookd/pkg/logger"
)
func newPEMTrustStore(filename string) (TrustStore, error) {
raw, err := ioutil.ReadFile(filename)
if err != nil {
return nil, err
}
result := &InMemoryTrustStore{
Keys: make(map[string]crypto.PublicKey),
}
for {
block, rest := pem.Decode(raw)
if block == nil {
break
}
switch block.Type {
case "PUBLIC KEY":
keyID, ok := block.Headers["key_id"]
if !ok {
keyID = "default"
}
key, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return nil, err
}
result.Keys[keyID] = key
logger.Debug.Printf("public key \"%s\" loaded into the trustore", keyID)
case "CERTIFICATE":
cert, err := x509.ParseCertificate(block.Bytes)
if err != nil {
return nil, err
}
keyID := string(cert.Subject.CommonName)
result.Keys[keyID] = cert.PublicKey
logger.Debug.Printf("certificate \"%s\" loaded into the trustore", keyID)
}
raw = rest
}
if len(result.Keys) == 0 {
return nil, fmt.Errorf("no RSA public key found: %s", filename)
}
return result, nil
}
Reference in New Issue View Git Blame Copy Permalink