forked from golang/hotime
65 lines
1.8 KiB
Go
65 lines
1.8 KiB
Go
|
package xpem
|
|||
|
|
|||
|
import (
|
|||
|
"crypto/rsa"
|
|||
|
"crypto/x509"
|
|||
|
"encoding/pem"
|
|||
|
"fmt"
|
|||
|
)
|
|||
|
|
|||
|
func DecodePublicKey(pemContent []byte) (publicKey *rsa.PublicKey, err error) {
|
|||
|
block, _ := pem.Decode(pemContent)
|
|||
|
if block == nil {
|
|||
|
return nil, fmt.Errorf("pem.Decode(%s):pemContent decode error", pemContent)
|
|||
|
}
|
|||
|
switch block.Type {
|
|||
|
case "CERTIFICATE":
|
|||
|
pubKeyCert, err := x509.ParseCertificate(block.Bytes)
|
|||
|
if err != nil {
|
|||
|
return nil, fmt.Errorf("x509.ParseCertificate(%s):%w", pemContent, err)
|
|||
|
}
|
|||
|
pubKey, ok := pubKeyCert.PublicKey.(*rsa.PublicKey)
|
|||
|
if !ok {
|
|||
|
return nil, fmt.Errorf("公钥证书提取公钥出错 [%s]", pemContent)
|
|||
|
}
|
|||
|
publicKey = pubKey
|
|||
|
case "PUBLIC KEY":
|
|||
|
pub, err := x509.ParsePKIXPublicKey(block.Bytes)
|
|||
|
if err != nil {
|
|||
|
return nil, fmt.Errorf("x509.ParsePKIXPublicKey(%s),err:%w", pemContent, err)
|
|||
|
}
|
|||
|
pubKey, ok := pub.(*rsa.PublicKey)
|
|||
|
if !ok {
|
|||
|
return nil, fmt.Errorf("公钥解析出错 [%s]", pemContent)
|
|||
|
}
|
|||
|
publicKey = pubKey
|
|||
|
case "RSA PUBLIC KEY":
|
|||
|
pubKey, err := x509.ParsePKCS1PublicKey(block.Bytes)
|
|||
|
if err != nil {
|
|||
|
return nil, fmt.Errorf("x509.ParsePKCS1PublicKey(%s):%w", pemContent, err)
|
|||
|
}
|
|||
|
publicKey = pubKey
|
|||
|
}
|
|||
|
return publicKey, nil
|
|||
|
}
|
|||
|
|
|||
|
func DecodePrivateKey(pemContent []byte) (privateKey *rsa.PrivateKey, err error) {
|
|||
|
block, _ := pem.Decode(pemContent)
|
|||
|
if block == nil {
|
|||
|
return nil, fmt.Errorf("pem.Decode(%s):pemContent decode error", pemContent)
|
|||
|
}
|
|||
|
privateKey, err = x509.ParsePKCS1PrivateKey(block.Bytes)
|
|||
|
if err != nil {
|
|||
|
pk8, err := x509.ParsePKCS8PrivateKey(block.Bytes)
|
|||
|
if err != nil {
|
|||
|
return nil, fmt.Errorf("私钥解析出错 [%s]", pemContent)
|
|||
|
}
|
|||
|
var ok bool
|
|||
|
privateKey, ok = pk8.(*rsa.PrivateKey)
|
|||
|
if !ok {
|
|||
|
return nil, fmt.Errorf("私钥解析出错 [%s]", pemContent)
|
|||
|
}
|
|||
|
}
|
|||
|
return privateKey, nil
|
|||
|
}
|