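// NewPrivateKeyFromBlock creates a PrivateKey from a PEM block.
//
// The block must have type "RSA PRIVATE KEY" and its bytes must parse as a
// PKCS #1 RSA private key. The parsed key is only used as a validity check;
// the value returned is the block's raw bytes converted to PrivateKey.
//
// A nil block is reported as ErrPrivatKeyWrongType, a block of any other
// type as ErrPrivatKeyWrongType with the type found, and bytes that fail to
// parse as ErrPrivatKeyInvalidPEM.
func NewPrivateKeyFromBlock(PEMBlock *pem.Block) (PrivateKey, error) {
	// pem.Decode returns a nil block when the input holds no PEM data, so a
	// caller that forwards its result unchecked must get an error here
	// instead of a nil-pointer panic.
	if PEMBlock == nil {
		return nil, errors.Wraps(ErrPrivatKeyWrongType, "Found no PEM block")
	}
	if PEMBlock.Type != "RSA PRIVATE KEY" {
		return nil, errors.Wraps(ErrPrivatKeyWrongType, "Found "+PEMBlock.Type)
	}

	// Parse only to validate; the parsed key is discarded.
	// NOTE(review): NewUserFromBlock calls errors.Wrap with the sentinel as
	// the second argument, this call passes it first. Confirm which order
	// the errors package expects.
	if _, err := x509.ParsePKCS1PrivateKey(PEMBlock.Bytes); err != nil {
		return nil, errors.Wrap(ErrPrivatKeyInvalidPEM, err)
	}

	// NOTE(review): presumably PrivateKey is a byte-slice type, in which case
	// the result aliases PEMBlock.Bytes and holds unencrypted key material;
	// confirm callers do not reuse or log the block afterwards.
	return PrivateKey(PEMBlock.Bytes), nil
}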
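// NewUserFromBlock builds a User from a PEM block of type "PUBLIC KEY".
//
// The block must hold a PKIX-encoded RSA public key and carry a non-empty
// "perms" header: a comma-separated list of permissions. Each entry is
// trimmed of surrounding whitespace and must not be empty. The resulting
// User is built from the public key, the permission list and the block's
// full header map.
//
// Errors: ErrUserBlockNotFound for a nil block or a block of another type,
// ErrUserInvalidPEM when the bytes do not parse or the key is not RSA,
// ErrUserPermsNotFound when the "perms" header is missing or empty, and
// ErrUserPermsInvalid when any entry is empty after trimming.
func NewUserFromBlock(PEMBlock *pem.Block) (*User, error) {
	var (
		publicKey PublicKey
		perms     []string
	)

	// pem.Decode returns a nil block when the input holds no PEM data, so a
	// caller that forwards its result unchecked must get an error here
	// instead of a nil-pointer panic.
	if PEMBlock == nil {
		return nil, ErrUserBlockNotFound
	}
	if PEMBlock.Type != "PUBLIC KEY" {
		return nil, errors.Wraps(ErrUserBlockNotFound, "Unexpected "+PEMBlock.Type)
	}

	// NOTE(review): NewPrivateKeyFromBlock calls errors.Wrap with the
	// sentinel as the first argument, this call passes it second. Confirm
	// which order the errors package expects.
	publicCryptoKey, err := x509.ParsePKIXPublicKey(PEMBlock.Bytes)
	if err != nil {
		return nil, errors.Wrap(err, ErrUserInvalidPEM)
	}

	// ParsePKIXPublicKey also accepts non-RSA keys (ECDSA, Ed25519, ...).
	// An unchecked assertion would panic on such a block, so a well-formed
	// but non-RSA key is rejected as invalid input instead.
	rsaKey, ok := publicCryptoKey.(*rsa.PublicKey)
	if !ok {
		return nil, errors.Wraps(ErrUserInvalidPEM, "Public key is not RSA")
	}
	publicKey, err = NewPublicKeyFromCryptoKey(rsaKey)
	if err != nil {
		return nil, err
	}

	// NOTE(review): PEM headers are plain text next to the key material and
	// nothing in this function authenticates them, so whoever can edit the
	// PEM source can change "perms". Confirm the source is integrity-protected
	// before these values are used for authorization.
	permString, ok := PEMBlock.Headers["perms"]
	if !ok || permString == "" {
		return nil, ErrUserPermsNotFound
	}
	for _, val := range strings.Split(permString, ",") {
		trimmed := strings.TrimSpace(val)
		if trimmed == "" {
			// Covers stray or trailing commas and whitespace-only entries.
			return nil, ErrUserPermsInvalid
		}
		perms = append(perms, trimmed)
	}

	// All checks pass.
	return &User{
		publicKey,
		perms,
		PEMBlock.Headers,
	}, nil
}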
// StringWrappingFoo returns ErrFoo wrapped with the string "String" by
// errors.Wraps.
func StringWrappingFoo() error {
	const context = "String"
	return errors.Wraps(ErrFoo, context)
}