spacebar/ocsp-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

squash: feat: support binary and pem encoded crl files

Browse Source 
Squashed commit of the following:

* feat: support binary and pem encoded crl files

Signed-off-by: Florian Bauer <florian@fsrv.xyz>

See merge request https://ref.ci/fsrvcorp/pki/ocspcrl/-/merge_requests/2
This commit is contained in:
Florian Bauer
2025-04-22 18:03:40 +00:00
parent c373fd74a9
commit 6f185488db
1 changed files with 15 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
main.go
View File

@@ -1,6 +1,7 @@
package main
import (
"bytes"
"crypto/tls"
"crypto/x509"
"encoding/pem"
@@ -26,11 +27,21 @@ func loadCrlFromFile(path string) (*x509.RevocationList, error) {
if openCrlError != nil {
return nil, openCrlError
}
block, rest := pem.Decode(crlContent)
if len(rest) > 0 {
return nil, fmt.Errorf("failed to decode crl")
// if the file contains a pem block, decode it
// otherwise, assume it is a DER encoded CRL
crlBlock := &pem.Block{}
if bytes.Contains(crlContent, []byte("BEGIN")) {
block, rest := pem.Decode(crlContent)
if len(rest) > 0 {
return nil, fmt.Errorf("failed to decode crl")
}
crlBlock = block
} else {
crlBlock = &pem.Block{Type: "X509 CRL", Bytes: crlContent}
}
crl, parseCrlError := x509.ParseRevocationList(block.Bytes)
crl, parseCrlError := x509.ParseRevocationList(crlBlock.Bytes)
if parseCrlError != nil {
return nil, parseCrlError
}