github.com/blend/go-sdk@v1.20220411.3/certutil/extend_system_pool.go

github.com/blend/go-sdk@v1.20220411.3/certutil/extend_system_pool.go (about)

     1  /*
     2  
     3  Copyright (c) 2022 - Present. Blend Labs, Inc. All rights reserved
     4  Use of this source code is governed by a MIT license that can be found in the LICENSE file.
     5  
     6  */
     7  
     8  package certutil
     9  
    10  import (
    11  	"crypto/x509"
    12  
    13  	"github.com/blend/go-sdk/ex"
    14  )
    15  
    16  // ExtendSystemCertPool extends the system ca pool with a given list of ca cert key pairs.
    17  func ExtendSystemCertPool(keyPairs ...KeyPair) (*x509.CertPool, error) {
    18  	pool, err := x509.SystemCertPool()
    19  	if err != nil {
    20  		return nil, ex.New(err)
    21  	}
    22  	var contents []byte
    23  	for _, keyPair := range keyPairs {
    24  		contents, err = keyPair.CertBytes()
    25  		if err != nil {
    26  			return nil, ex.New(err)
    27  		}
    28  		if ok := pool.AppendCertsFromPEM(contents); !ok {
    29  			return nil, ex.New(ErrInvalidCertPEM)
    30  		}
    31  	}
    32  	return pool, nil
    33  }