+31
-2
lines changedFilter options
@@ -18,7 +18,7 @@ import (
18
18
"io/ioutil"
19
19
"os"
20
20
21
-
"github.com/google/certificate-transparency-go"
21
+
ct "github.com/google/certificate-transparency-go"
22
22
cttls "github.com/google/certificate-transparency-go/tls"
23
23
ctx509 "github.com/google/certificate-transparency-go/x509"
24
24
"golang.org/x/crypto/ocsp"
@@ -378,7 +378,15 @@ func ParsePrivateKeyPEMWithPassword(keyPEM []byte, password []byte) (key crypto.
378
378
379
379
// GetKeyDERFromPEM parses a PEM-encoded private key and returns DER-format key bytes.
380
380
func GetKeyDERFromPEM(in []byte, password []byte) ([]byte, error) {
381
-
keyDER, _ := pem.Decode(in)
381
+
// Ignore any EC PARAMETERS blocks when looking for a key (openssl includes
382
+
// them by default).
383
+
var keyDER *pem.Block
384
+
for {
385
+
keyDER, in = pem.Decode(in)
386
+
if keyDER == nil || keyDER.Type != "EC PARAMETERS" {
387
+
break
388
+
}
389
+
}
382
390
if keyDER != nil {
383
391
if procType, ok := keyDER.Headers["Proc-Type"]; ok {
384
392
if strings.Contains(procType, "ENCRYPTED") {
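Review bot: The skip loop added to GetKeyDERFromPEM passes over "EC PARAMETERS" blocks but accepts the next block whatever its `Type` is. The skipped parameters are never compared with the curve named inside the key, so a mismatched or unrelated block is only caught, if at all, by the DER parser later on. The loop also overwrites the `in` parameter with the remainder; nothing in the visible lines reads that remainder again, so trailing PEM data appears to be ignored silently. I would state the contract in the doc comment: `// Leading "EC PARAMETERS" blocks are skipped without validation; the first other PEM block is treated as the key and any data after it is ignored.` The function body continues outside the hunk, so the handling of a nil `keyDER` is not visible here.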
@@ -32,6 +32,7 @@ const (
32
32
testPrivateRSAKey = "testdata/priv_rsa_key.pem"
33
33
testPrivateECDSAKey = "testdata/private_ecdsa_key.pem"
34
34
testPrivateEd25519Key = "testdata/private_ed25519_key.pem"
35
+
testPrivateOpenSSLECKey = "testdata/openssl_secp384.pem"
35
36
testUnsupportedECDSAKey = "testdata/secp256k1-key.pem"
36
37
testMessedUpPrivateKey = "testdata/messed_up_priv_key.pem"
37
38
testEncryptedPrivateKey = "testdata/enc_priv_key.pem"
@@ -374,11 +375,22 @@ func TestParsePrivateKeyPEM(t *testing.T) {
374
375
if err != nil {
375
376
t.Fatal(err)
376
377
}
378
+
377
379
_, err = ParsePrivateKeyPEM(testEd25519PEM)
378
380
if err != nil {
379
381
t.Fatal(err)
380
382
}
381
383
384
+
testOpenSSLECKey, err := ioutil.ReadFile(testPrivateOpenSSLECKey)
385
+
if err != nil {
386
+
t.Fatal(err)
387
+
}
388
+
389
+
_, err = ParsePrivateKeyPEM(testOpenSSLECKey)
390
+
if err != nil {
391
+
t.Fatal(err)
392
+
}
393
+
382
394
// error cases
383
395
errCases := []string{
384
396
testMessedUpPrivateKey, // a few lines deleted
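Review bot: The new OpenSSL case in TestParsePrivateKeyPEM discards the parsed key and checks only that `err` is nil, so it would still pass if the parser returned the wrong key type or curve for `testdata/openssl_secp384.pem`. Capturing the result with `key, err := ParsePrivateKeyPEM(testOpenSSLECKey)` and asserting that it is an ECDSA key on the secp384 curve the fixture name indicates would pin what the fix is meant to deliver. A negative fixture holding only an "EC PARAMETERS" block would also cover the path where the skip loop runs out of input and `keyDER` ends up nil. The test function starts and ends outside the hunk.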
@@ -0,0 +1,9 @@
1
+
-----BEGIN EC PARAMETERS-----
2
+
BgUrgQQAIg==
3
+
-----END EC PARAMETERS-----
4
+
-----BEGIN EC PRIVATE KEY-----
5
+
MIGkAgEBBDCn5safCQ6/JAUEbf1/BvOBvP9XHfcsEvQooEd0g0v4akMNmH53nXKQ
6
+
qvsZBUP14X6gBwYFK4EEACKhZANiAAR1q1+sGy8Pmgdco9LEB10gJkIO0lBid8aK
7
+
0xmtEL7U1RTQnNyraswwI0hxHwzwSHHKojD8Msdy5uOngxKnGrUBTuMubezfGbWz
8
+
ULOFvrTemUIlNmSsWMcrzEBEnZxvOqY=
9
+
-----END EC PRIVATE KEY-----