From 6f185488db31a60b323e79e4570e0d7a5ce87432 Mon Sep 17 00:00:00 2001
From: Florian Bauer <florian@fsrv.xyz>
Date: Tue, 22 Apr 2025 18:03:40 +0000
Subject: [PATCH] squash: feat: support binary and pem encoded crl files

Squashed commit of the following:

* feat: support binary and pem encoded crl files

Signed-off-by: Florian Bauer <florian@fsrv.xyz>

See merge request https://ref.ci/fsrvcorp/pki/ocspcrl/-/merge_requests/2
---
 main.go | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/main.go b/main.go
index aa28e0d..8e01030 100644
--- a/main.go
+++ b/main.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+	"bytes"
 	"crypto/tls"
 	"crypto/x509"
 	"encoding/pem"
@@ -26,11 +27,21 @@ func loadCrlFromFile(path string) (*x509.RevocationList, error) {
 	if openCrlError != nil {
 		return nil, openCrlError
 	}
-	block, rest := pem.Decode(crlContent)
-	if len(rest) > 0 {
-		return nil, fmt.Errorf("failed to decode crl")
+
+	// if the file contains a pem block, decode it
+	// otherwise, assume it is a DER encoded CRL
+	crlBlock := &pem.Block{}
+	if bytes.Contains(crlContent, []byte("BEGIN")) {
+		block, rest := pem.Decode(crlContent)
+		if len(rest) > 0 {
+			return nil, fmt.Errorf("failed to decode crl")
+		}
+		crlBlock = block
+	} else {
+		crlBlock = &pem.Block{Type: "X509 CRL", Bytes: crlContent}
 	}
-	crl, parseCrlError := x509.ParseRevocationList(block.Bytes)
+
+	crl, parseCrlError := x509.ParseRevocationList(crlBlock.Bytes)
 	if parseCrlError != nil {
 		return nil, parseCrlError
 	}