feat: support binary and pem encoded crl files
See merge request https://ref.ci/fsrvcorp/pki/ocspcrl/-/merge_requests/2
19
main.go
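--- a/main.go
+++ b/main.go
@@ -1,6 +1,7 @@
 package main
 
 import (
+"bytes"
 "crypto/tls"
 "crypto/x509"
 "encoding/pem"
@@ -26,11 +27,21 @@ func loadCrlFromFile(path string) (*x509.RevocationList, error) {
 if openCrlError != nil {
 return nil, openCrlError
 }
-block, rest := pem.Decode(crlContent)
-if len(rest) > 0 {
-return nil, fmt.Errorf("failed to decode crl")
+
+// if the file contains a pem block, decode it
+// otherwise, assume it is a DER encoded CRL
+crlBlock := &pem.Block{}
+if bytes.Contains(crlContent, []byte("BEGIN")) {
+block, rest := pem.Decode(crlContent)
+if len(rest) > 0 {
+return nil, fmt.Errorf("failed to decode crl")
+}
+crlBlock = block
+} else {
+crlBlock = &pem.Block{Type: "X509 CRL", Bytes: crlContent}
 }
-crl, parseCrlError := x509.ParseRevocationList(block.Bytes)
+
+crl, parseCrlError := x509.ParseRevocationList(crlBlock.Bytes)
 if parseCrlError != nil {
 return nil, parseCrlError
 }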
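Review bot: The `bytes.Contains(crlContent, []byte("BEGIN"))` sniff in loadCrlFromFile can misclassify a binary CRL: DER content may contain the ASCII bytes `BEGIN` (for example inside an issuer name), and such a file then takes the PEM branch, where `pem.Decode` finds no block, returns the whole input as `rest`, and the function reports "failed to decode crl" for a valid CRL. Letting `pem.Decode` decide is more robust: use the block when it is non-nil and otherwise parse the raw bytes as DER, which also makes the `bytes` import added in the first hunk unnecessary. The PEM branch never checks `block.Type`, so a PEM file of another type is handed straight to `x509.ParseRevocationList`; comparing against `"X509 CRL"` gives a clearer rejection. Whether a load failure leaves revocation data unavailable or stale depends on the caller, which is outside this hunk, as are the start and end of the function.

```go
// … unchanged: file read and openCrlError check …
der := crlContent // default: treat the file as DER
if block, rest := pem.Decode(crlContent); block != nil {
	if block.Type != "X509 CRL" || len(rest) > 0 {
		return nil, fmt.Errorf("failed to decode crl")
	}
	der = block.Bytes
}

crl, parseCrlError := x509.ParseRevocationList(der)
// … unchanged: parseCrlError check …
```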