Beispiel #1
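// NewPrivateKeyFromBlock creates a new PrivateKey from a pem.Block.
//
// The block must be non-nil, carry the type "RSA PRIVATE KEY", and hold bytes
// that x509.ParsePKCS1PrivateKey accepts. The parsed key is only used as a
// validity check; on success the block's raw bytes are returned converted to
// PrivateKey.
//
// A legacy passphrase-encrypted PEM block uses the same type string, but its
// bytes are ciphertext, so it fails the parse and is reported as
// ErrPrivatKeyInvalidPEM rather than being accepted.
//
// Errors:
//   - ErrPrivatKeyInvalidPEM when PEMBlock is nil.
//   - ErrPrivatKeyWrongType (wrapped with the type found) when the block type
//     is not "RSA PRIVATE KEY".
//   - ErrPrivatKeyInvalidPEM (wrapped with the parse error) when the bytes are
//     not a valid PKCS#1 private key.
func NewPrivateKeyFromBlock(PEMBlock *pem.Block) (PrivateKey, error) {
	// pem.Decode returns a nil block when its input holds no PEM data; reject
	// that here instead of panicking on the dereference below.
	if PEMBlock == nil {
		return nil, ErrPrivatKeyInvalidPEM
	}

	if PEMBlock.Type != "RSA PRIVATE KEY" {
		return nil, errors.Wraps(ErrPrivatKeyWrongType, "Found "+PEMBlock.Type)
	}

	// Parse only to validate; the decoded key itself is not kept.
	if _, err := x509.ParsePKCS1PrivateKey(PEMBlock.Bytes); err != nil {
		return nil, errors.Wrap(ErrPrivatKeyInvalidPEM, err)
	}

	// NOTE(review): if PrivateKey is a byte-slice type, this conversion shares
	// memory with PEMBlock.Bytes rather than copying it; confirm callers do not
	// reuse or overwrite the block afterwards.
	return PrivateKey(PEMBlock.Bytes), nil
}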
Beispiel #2
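// NewUserFromBlock builds a User from a PEM block of type "PUBLIC KEY".
//
// The block's bytes must parse as a PKIX public key and that key must be RSA.
// The block must also carry a non-empty "perms" header: a comma-separated list
// whose entries are trimmed of surrounding whitespace and must each be
// non-empty.
//
// Security note: the permissions are read from the PEM headers, which are
// plain text and not cryptographically bound to the key. Anyone able to edit
// the PEM data can change them, so the source of the block must be trusted or
// integrity-protected by other means.
//
// Errors:
//   - ErrUserBlockNotFound when PEMBlock is nil, or (wrapped with the type
//     found) when the block type is not "PUBLIC KEY".
//   - ErrUserInvalidPEM when the bytes do not parse as a PKIX public key or
//     the parsed key is not an RSA key.
//   - whatever NewPublicKeyFromCryptoKey returns.
//   - ErrUserPermsNotFound when the "perms" header is missing or empty.
//   - ErrUserPermsInvalid when any entry in the list is empty after trimming.
func NewUserFromBlock(PEMBlock *pem.Block) (*User, error) {
	// pem.Decode returns a nil block when its input holds no PEM data; reject
	// that here instead of panicking on the dereference below.
	if PEMBlock == nil {
		return nil, ErrUserBlockNotFound
	}

	if PEMBlock.Type != "PUBLIC KEY" {
		return nil, errors.Wraps(ErrUserBlockNotFound, "Unexpected "+PEMBlock.Type)
	}

	publicCryptoKey, err := x509.ParsePKIXPublicKey(PEMBlock.Bytes)
	if err != nil {
		return nil, errors.Wrap(err, ErrUserInvalidPEM)
	}

	// ParsePKIXPublicKey also returns non-RSA key types (ECDSA, Ed25519, ...).
	// An unchecked type assertion would panic on such input, so use the
	// comma-ok form and report it as an invalid user PEM instead.
	rsaKey, ok := publicCryptoKey.(*rsa.PublicKey)
	if !ok {
		return nil, errors.Wraps(ErrUserInvalidPEM, "Public key is not RSA")
	}

	publicKey, err := NewPublicKeyFromCryptoKey(rsaKey)
	if err != nil {
		return nil, err
	}

	permString, ok := PEMBlock.Headers["perms"]
	if !ok || permString == "" {
		return nil, ErrUserPermsNotFound
	}

	permsRaw := strings.Split(permString, ",")
	perms := make([]string, 0, len(permsRaw))
	for _, val := range permsRaw {
		trimmed := strings.TrimSpace(val)
		// A blank entry (for example "a,,b" or a trailing comma) makes the
		// whole list invalid rather than being skipped silently.
		if trimmed == "" {
			return nil, ErrUserPermsInvalid
		}
		perms = append(perms, trimmed)
	}

	// All checks pass. The header map is stored as-is, not copied, so later
	// changes to PEMBlock.Headers by the caller stay visible through the User.
	return &User{
		publicKey,
		perms,
		PEMBlock.Headers,
	}, nil
}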
Beispiel #3
// StringWrappingFoo returns the result of wrapping ErrFoo with the string
// "String" via errors.Wraps.
func StringWrappingFoo() error {
	wrapped := errors.Wraps(ErrFoo, "String")
	return wrapped
}