github.com/koron/hk@v0.0.0-20150303213137-b8aeaa3ab34c/ssl_helper.go (about)

     1  package main
     2  
     3  import (
     4  	"crypto/tls"
     5  	"crypto/x509"
     6  	"encoding/pem"
     7  	"errors"
     8  	"time"
     9  )
    10  
// x509Chain is an ordered list of parsed X.509 certificates. The accessor
// methods below read only element 0, so they describe whichever certificate
// comes first in the slice; nothing in this type checks that it is the leaf.
type x509Chain []x509.Certificate

// first returns a pointer to the first certificate in the chain, or nil when
// the receiver is nil or the chain is empty.
func (xc *x509Chain) first() *x509.Certificate {
	if xc == nil || len(*xc) == 0 {
		return nil
	}
	return &(*xc)[0]
}

// CommonNames returns the DNSNames field of the first certificate in the
// chain, i.e. its DNS subject alternative names. Despite the method name, the
// Subject CommonName is not consulted.
//
// A nil receiver or an empty chain yields a non-nil empty slice. For a
// non-empty chain the certificate's own slice is returned without copying, so
// it may be nil when the certificate carries no DNS names, and callers should
// not modify it.
//
// The names come from a parsed certificate only; nothing here verifies it, so
// they should not be used for trust decisions.
func (xc *x509Chain) CommonNames() []string {
	if c := xc.first(); c != nil {
		return c.DNSNames
	}
	return []string{}
}

// Expires returns the NotAfter time of the first certificate in the chain, or
// the zero time.Time for a nil receiver or an empty chain. Expiry of any later
// certificate in the chain is not considered.
func (xc *x509Chain) Expires() time.Time {
	if c := xc.first(); c != nil {
		return c.NotAfter
	}
	return time.Time{}
}
    26  
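// decodeCertChain parses every "CERTIFICATE" PEM block found in chainPEM and
// returns the certificates in the order they appear in the input.
//
// This is a parser only. It does not verify signatures, check that the
// certificates form a chain, or check validity periods, so a nil error means
// "well-formed", not "trusted". Callers that need trust must verify the result
// separately.
//
// PEM blocks of any other type are skipped rather than rejected. pem.Decode
// locates blocks by their PEM markers, so non-PEM text in the input does not
// cause an error on its own.
//
// An error is returned when the input holds no CERTIFICATE block or when any
// block fails x509.ParseCertificate. On error the returned chain is nil, so a
// partially parsed chain is never handed back alongside an error.
func decodeCertChain(chainPEM string) (chain x509Chain, err error) {
	// tls.Certificate serves purely as a holder for the raw DER blobs; no TLS
	// configuration is built from it.
	var bundle tls.Certificate

	rest := []byte(chainPEM)
	for {
		var block *pem.Block
		block, rest = pem.Decode(rest)
		if block == nil {
			// No further PEM block in the remaining input.
			break
		}
		if block.Type == "CERTIFICATE" {
			bundle.Certificate = append(bundle.Certificate, block.Bytes)
		}
	}

	if len(bundle.Certificate) == 0 {
		return nil, errors.New("failed to parse certificate PEM data")
	}

	parsed := make(x509Chain, 0, len(bundle.Certificate))
	for _, der := range bundle.Certificate {
		c, parseErr := x509.ParseCertificate(der)
		if parseErr != nil {
			// Discard anything parsed so far so callers cannot act on a
			// truncated chain.
			return nil, parseErr
		}
		parsed = append(parsed, *c)
	}
	return parsed, nil
}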