-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathreader.go
53 lines (45 loc) · 1.3 KB
/
reader.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
package tlstools
import (
"crypto/x509"
"encoding/pem"
"fmt"
"io"
"io/ioutil"
)
// ReadPEM will read PEM-encoded certificates from reader
// and then parse them into *x509.Certificates.
// It will return an error if the input contains non-certificate
// PEMs, or if one of the PEMs is invalid.
func ReadPEM(reader io.Reader) ([]*x509.Certificate, error) {
data, err := ioutil.ReadAll(reader)
if err != nil {
return nil, fmt.Errorf("could not read data: %w", err)
}
certs := []*x509.Certificate{}
for len(data) > 0 {
var block *pem.Block
block, data = pem.Decode(data)
if block == nil {
break
}
if block.Type != "CERTIFICATE" {
return nil, fmt.Errorf("file contains a PEM of unexpected type: %s", block.Type)
}
cert, err := x509.ParseCertificate(block.Bytes)
if err != nil {
return nil, fmt.Errorf("failed to parse PEM: %w", err)
}
certs = append(certs, cert)
}
return certs, nil
}
// ReadDER will a DER-encoded certificate from reader and parse
// it into an *x509.Certificate. It expects the input to contain
// only one certificate, since DER does not have delimiters.
func ReadDER(reader io.Reader) (*x509.Certificate, error) {
data, err := ioutil.ReadAll(reader)
if err != nil {
return nil, fmt.Errorf("could not read data: %w", err)
}
return x509.ParseCertificate(data)
}