forked from golang/hotime
65 lines
1.8 KiB
Go
65 lines
1.8 KiB
Go
package xpem
|
||
|
||
import (
|
||
"crypto/rsa"
|
||
"crypto/x509"
|
||
"encoding/pem"
|
||
"fmt"
|
||
)
|
||
|
||
func DecodePublicKey(pemContent []byte) (publicKey *rsa.PublicKey, err error) {
|
||
block, _ := pem.Decode(pemContent)
|
||
if block == nil {
|
||
return nil, fmt.Errorf("pem.Decode(%s):pemContent decode error", pemContent)
|
||
}
|
||
switch block.Type {
|
||
case "CERTIFICATE":
|
||
pubKeyCert, err := x509.ParseCertificate(block.Bytes)
|
||
if err != nil {
|
||
return nil, fmt.Errorf("x509.ParseCertificate(%s):%w", pemContent, err)
|
||
}
|
||
pubKey, ok := pubKeyCert.PublicKey.(*rsa.PublicKey)
|
||
if !ok {
|
||
return nil, fmt.Errorf("公钥证书提取公钥出错 [%s]", pemContent)
|
||
}
|
||
publicKey = pubKey
|
||
case "PUBLIC KEY":
|
||
pub, err := x509.ParsePKIXPublicKey(block.Bytes)
|
||
if err != nil {
|
||
return nil, fmt.Errorf("x509.ParsePKIXPublicKey(%s),err:%w", pemContent, err)
|
||
}
|
||
pubKey, ok := pub.(*rsa.PublicKey)
|
||
if !ok {
|
||
return nil, fmt.Errorf("公钥解析出错 [%s]", pemContent)
|
||
}
|
||
publicKey = pubKey
|
||
case "RSA PUBLIC KEY":
|
||
pubKey, err := x509.ParsePKCS1PublicKey(block.Bytes)
|
||
if err != nil {
|
||
return nil, fmt.Errorf("x509.ParsePKCS1PublicKey(%s):%w", pemContent, err)
|
||
}
|
||
publicKey = pubKey
|
||
}
|
||
return publicKey, nil
|
||
}
|
||
|
||
func DecodePrivateKey(pemContent []byte) (privateKey *rsa.PrivateKey, err error) {
|
||
block, _ := pem.Decode(pemContent)
|
||
if block == nil {
|
||
return nil, fmt.Errorf("pem.Decode(%s):pemContent decode error", pemContent)
|
||
}
|
||
privateKey, err = x509.ParsePKCS1PrivateKey(block.Bytes)
|
||
if err != nil {
|
||
pk8, err := x509.ParsePKCS8PrivateKey(block.Bytes)
|
||
if err != nil {
|
||
return nil, fmt.Errorf("私钥解析出错 [%s]", pemContent)
|
||
}
|
||
var ok bool
|
||
privateKey, ok = pk8.(*rsa.PrivateKey)
|
||
if !ok {
|
||
return nil, fmt.Errorf("私钥解析出错 [%s]", pemContent)
|
||
}
|
||
}
|
||
return privateKey, nil
|
||
}
|