mirror of
https://github.com/slackhq/nebula.git
synced 2025-11-22 16:34:25 +01:00
pem.go restored
This commit is contained in:
Ryan Huber
97
cert/pem.go
97
cert/pem.go
@@ -1,8 +1,10 @@
|
||||
package cert
|
||||
|
||||
import (
|
||||
"encoding/hex"
|
||||
"encoding/pem"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"golang.org/x/crypto/ed25519"
|
||||
)
|
||||
@@ -138,6 +140,101 @@ func MarshalSigningPrivateKeyToPEM(curve Curve, b []byte) []byte {
|
||||
}
|
||||
}
|
||||
|
||||
// Backward compatibility functions for older API
|
||||
func MarshalX25519PublicKey(b []byte) []byte {
|
||||
return MarshalPublicKeyToPEM(Curve_CURVE25519, b)
|
||||
}
|
||||
|
||||
func MarshalX25519PrivateKey(b []byte) []byte {
|
||||
return MarshalPrivateKeyToPEM(Curve_CURVE25519, b)
|
||||
}
|
||||
|
||||
func MarshalPublicKey(curve Curve, b []byte) []byte {
|
||||
return MarshalPublicKeyToPEM(curve, b)
|
||||
}
|
||||
|
||||
func MarshalPrivateKey(curve Curve, b []byte) []byte {
|
||||
return MarshalPrivateKeyToPEM(curve, b)
|
||||
}
|
||||
|
||||
// NebulaCertificate is a compatibility wrapper for the old API
|
||||
type NebulaCertificate struct {
|
||||
Details NebulaCertificateDetails
|
||||
Signature []byte
|
||||
cert Certificate
|
||||
}
|
||||
|
||||
// NebulaCertificateDetails is a compatibility wrapper for certificate details
|
||||
type NebulaCertificateDetails struct {
|
||||
Name string
|
||||
NotBefore time.Time
|
||||
NotAfter time.Time
|
||||
PublicKey []byte
|
||||
IsCA bool
|
||||
Issuer []byte
|
||||
Curve Curve
|
||||
}
|
||||
|
||||
// UnmarshalNebulaCertificateFromPEM provides backward compatibility with the old API
|
||||
func UnmarshalNebulaCertificateFromPEM(b []byte) (*NebulaCertificate, []byte, error) {
|
||||
c, rest, err := UnmarshalCertificateFromPEM(b)
|
||||
if err != nil {
|
||||
return nil, rest, err
|
||||
}
|
||||
|
||||
issuerBytes, err := func() ([]byte, error) {
|
||||
issuer := c.Issuer()
|
||||
if issuer == "" {
|
||||
return nil, nil
|
||||
}
|
||||
decoded, err := hex.DecodeString(issuer)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to decode issuer fingerprint: %w", err)
|
||||
}
|
||||
return decoded, nil
|
||||
}()
|
||||
if err != nil {
|
||||
return nil, rest, err
|
||||
}
|
||||
|
||||
pubKey := c.PublicKey()
|
||||
if pubKey != nil {
|
||||
pubKey = append([]byte(nil), pubKey...)
|
||||
}
|
||||
|
||||
sig := c.Signature()
|
||||
if sig != nil {
|
||||
sig = append([]byte(nil), sig...)
|
||||
}
|
||||
|
||||
return &NebulaCertificate{
|
||||
Details: NebulaCertificateDetails{
|
||||
Name: c.Name(),
|
||||
NotBefore: c.NotBefore(),
|
||||
NotAfter: c.NotAfter(),
|
||||
PublicKey: pubKey,
|
||||
IsCA: c.IsCA(),
|
||||
Issuer: issuerBytes,
|
||||
Curve: c.Curve(),
|
||||
},
|
||||
Signature: sig,
|
||||
cert: c,
|
||||
}, rest, nil
|
||||
}
|
||||
|
||||
// IssuerString returns the issuer in hex format for compatibility
|
||||
func (n *NebulaCertificate) IssuerString() string {
|
||||
if n.Details.Issuer == nil {
|
||||
return ""
|
||||
}
|
||||
return hex.EncodeToString(n.Details.Issuer)
|
||||
}
|
||||
|
||||
// Certificate returns the underlying certificate (read-only)
|
||||
func (n *NebulaCertificate) Certificate() Certificate {
|
||||
return n.cert
|
||||
}
|
||||
|
||||
// UnmarshalPrivateKeyFromPEM will try to unmarshal the first pem block in a byte array, returning any non
|
||||
// consumed data or an error on failure
|
||||
func UnmarshalPrivateKeyFromPEM(b []byte) ([]byte, []byte, Curve, error) {
|
||||
|
||||
Reference in New Issue
Block a user