github.com/Venafi/vcert/v5@v5.10.2/pkg/util/utils.go (about) 1 package util 2 3 import ( 4 "crypto/ecdsa" 5 "crypto/ed25519" 6 "crypto/rand" 7 "crypto/rsa" 8 "encoding/json" 9 "encoding/pem" 10 "fmt" 11 "regexp" 12 "strings" 13 "time" 14 15 "github.com/youmark/pkcs8" 16 ) 17 18 const ( 19 LegacyPem = "legacy-pem" 20 //nolint: gosec // Ignoring false positive "G101 Potential hardcoded credentials" 21 HeaderTpplApikey = "tppl-api-key" 22 OauthTokenType = "Bearer" 23 DefaultTimeout = 180 // seconds 24 ) 25 26 func ConvertSecondsToTime(t int64) time.Time { 27 return time.Unix(0, t*int64(time.Second)) 28 } 29 30 func GetJsonAsString(i interface{}) (s string) { 31 byte, _ := json.MarshalIndent(i, "", " ") 32 s = string(byte) 33 return 34 } 35 36 func DecryptPkcs8PrivateKey(privateKey, password string) (string, error) { 37 38 block, _ := pem.Decode([]byte(privateKey)) 39 key, _, err := pkcs8.ParsePrivateKey(block.Bytes, []byte(password)) 40 41 if err != nil { 42 return "", err 43 } 44 45 var pemType string 46 47 switch key.(type) { 48 case *rsa.PrivateKey: 49 pemType = "RSA PRIVATE KEY" 50 case *ecdsa.PrivateKey: 51 pemType = "EC PRIVATE KEY" 52 case ed25519.PrivateKey: 53 pemType = "PRIVATE KEY" 54 default: 55 return "", fmt.Errorf("failed to determine private key type") 56 } 57 privateKeyBytes, err := pkcs8.MarshalPrivateKey(key, nil, nil) 58 59 if err != nil { 60 return "", err 61 } 62 63 pemBytes := pem.EncodeToMemory(&pem.Block{Type: pemType, Bytes: privateKeyBytes}) 64 65 return string(pemBytes), nil 66 } 67 68 func EncryptPkcs1PrivateKey(privateKey, password string) (string, error) { 69 70 block, _ := pem.Decode([]byte(privateKey)) 71 72 keyType := GetPrivateKeyType(privateKey, password) 73 var encrypted *pem.Block 74 var err error 75 if keyType == "RSA PRIVATE KEY" { 76 encrypted, err = X509EncryptPEMBlock(rand.Reader, "RSA PRIVATE KEY", block.Bytes, []byte(password), PEMCipherAES256) 77 if err != nil { 78 return "", nil 79 } 80 } else if keyType == "EC PRIVATE KEY" { 81 encrypted, err = X509EncryptPEMBlock(rand.Reader, "EC PRIVATE KEY", block.Bytes, []byte(password), PEMCipherAES256) 82 if err != nil { 83 return "", nil 84 } 85 } 86 return string(pem.EncodeToMemory(encrypted)), nil 87 } 88 89 func GetBooleanRef(val bool) *bool { 90 return &val 91 } 92 93 func GetIntRef(val int) *int { 94 return &val 95 } 96 97 func GetPrivateKeyType(pk, pass string) string { 98 99 p, _ := pem.Decode([]byte(pk)) 100 if p == nil { 101 return "" 102 } 103 104 var keyType string 105 switch p.Type { 106 case "EC PRIVATE KEY": 107 keyType = "EC PRIVATE KEY" 108 case "RSA PRIVATE KEY": 109 keyType = "RSA PRIVATE KEY" 110 default: 111 keyType = "" 112 } 113 114 return keyType 115 } 116 117 // TODO: test this function 118 func ArrayContainsString(s []string, e string) bool { 119 for _, a := range s { 120 if a == e { 121 return true 122 } 123 } 124 return false 125 } 126 127 func NormalizeUrl(url string) string { 128 modified := strings.ToLower(url) 129 reg := regexp.MustCompile("^http(|s)://") 130 if reg.FindStringIndex(modified) == nil { 131 modified = "https://" + modified 132 } else { 133 modified = reg.ReplaceAllString(modified, "https://") 134 } 135 if !strings.HasSuffix(modified, "/") { 136 modified = modified + "/" 137 } 138 return modified 139 } 140 141 func StringPointerToString(input *string) string { 142 if input != nil { 143 return *input 144 } 145 return "" 146 } 147 148 func GetKeystoreOptionsString(cloudProviderID *string, cloudKeystoreID *string, cloudProviderName *string, cloudKeystoreName *string) string { 149 msg := "" 150 if cloudProviderID != nil { 151 msg += fmt.Sprintf("Cloud Provider ID: %s, ", *cloudProviderID) 152 } 153 if cloudKeystoreID != nil { 154 msg += fmt.Sprintf("Cloud Keystore ID: %s, ", *cloudKeystoreID) 155 } 156 if cloudProviderName != nil { 157 msg += fmt.Sprintf("Cloud Provider Name: %s, ", *cloudProviderName) 158 } 159 if cloudKeystoreName != nil { 160 msg += fmt.Sprintf("Cloud Keystore Name: %s", *cloudKeystoreName) 161 } 162 163 return msg 164 }