github.com/openshift/installer@v1.4.17/pkg/asset/tls/utils.go

github.com/openshift/installer@v1.4.17/pkg/asset/tls/utils.go (about)

     1  package tls
     2  
     3  import (
     4  	"crypto/rsa"
     5  	"crypto/x509"
     6  	"encoding/pem"
     7  
     8  	"github.com/pkg/errors"
     9  	"github.com/sirupsen/logrus"
    10  )
    11  
    12  // PrivateKeyToPem converts an rsa.PrivateKey object to pem string
    13  func PrivateKeyToPem(key *rsa.PrivateKey) []byte {
    14  	keyInBytes := x509.MarshalPKCS1PrivateKey(key)
    15  	keyinPem := pem.EncodeToMemory(
    16  		&pem.Block{
    17  			Type:  "RSA PRIVATE KEY",
    18  			Bytes: keyInBytes,
    19  		},
    20  	)
    21  	return keyinPem
    22  }
    23  
    24  // CertToPem converts an x509.Certificate object to a pem string
    25  func CertToPem(cert *x509.Certificate) []byte {
    26  	certInPem := pem.EncodeToMemory(
    27  		&pem.Block{
    28  			Type:  "CERTIFICATE",
    29  			Bytes: cert.Raw,
    30  		},
    31  	)
    32  	return certInPem
    33  }
    34  
    35  // CSRToPem converts an x509.CertificateRequest to a pem string
    36  func CSRToPem(cert *x509.CertificateRequest) []byte {
    37  	certInPem := pem.EncodeToMemory(
    38  		&pem.Block{
    39  			Type:  "CERTIFICATE REQUEST",
    40  			Bytes: cert.Raw,
    41  		},
    42  	)
    43  	return certInPem
    44  }
    45  
    46  // PublicKeyToPem converts an rsa.PublicKey object to pem string
    47  func PublicKeyToPem(key *rsa.PublicKey) ([]byte, error) {
    48  	keyInBytes, err := x509.MarshalPKIXPublicKey(key)
    49  	if err != nil {
    50  		logrus.Debugf("Failed to marshal PKIX public key: %s", err)
    51  		return nil, errors.Wrap(err, "failed to MarshalPKIXPublicKey")
    52  	}
    53  	keyinPem := pem.EncodeToMemory(
    54  		&pem.Block{
    55  			Type:  "RSA PUBLIC KEY",
    56  			Bytes: keyInBytes,
    57  		},
    58  	)
    59  	return keyinPem, nil
    60  }
    61  
    62  // PemToPrivateKey converts a data block to rsa.PrivateKey.
    63  func PemToPrivateKey(data []byte) (*rsa.PrivateKey, error) {
    64  	block, _ := pem.Decode(data)
    65  	if block == nil {
    66  		return nil, errors.Errorf("could not find a PEM block in the private key")
    67  	}
    68  	return x509.ParsePKCS1PrivateKey(block.Bytes)
    69  }
    70  
    71  // PemToPublicKey converts a data block to rsa.PublicKey.
    72  func PemToPublicKey(data []byte) (*rsa.PublicKey, error) {
    73  	block, _ := pem.Decode(data)
    74  	if block == nil {
    75  		return nil, errors.Errorf("could not find a PEM block in the public key")
    76  	}
    77  	obji, err := x509.ParsePKIXPublicKey(block.Bytes)
    78  	if err != nil {
    79  		return nil, err
    80  	}
    81  	publicKey, ok := obji.(*rsa.PublicKey)
    82  	if !ok {
    83  		return nil, errors.Errorf("invalid public key format, expected RSA")
    84  	}
    85  	return publicKey, nil
    86  }
    87  
    88  // PemToCertificate converts a data block to x509.Certificate.
    89  func PemToCertificate(data []byte) (*x509.Certificate, error) {
    90  	block, _ := pem.Decode(data)
    91  	if block == nil {
    92  		return nil, errors.Errorf("could not find a PEM block in the certificate")
    93  	}
    94  	return x509.ParseCertificate(block.Bytes)
    95  }