From aa0c2f3fc07e3c52e62c570ee9108e4602b3ddbf Mon Sep 17 00:00:00 2001 From: Rasmus Dahlberg Date: Thu, 5 Nov 2020 10:44:37 +0100 Subject: simplified encoding and decoding Go's "encoding/json" already takes care of encoding and decoding byte slices as base64. As such, it need not be done explicitly by us. --- x509.go | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) (limited to 'x509.go') diff --git a/x509.go b/x509.go index e0fa3bc..db983c4 100644 --- a/x509.go +++ b/x509.go @@ -8,7 +8,6 @@ import ( "crypto/rand" "crypto/tls" "crypto/x509" - "encoding/base64" "encoding/pem" "io/ioutil" ) @@ -135,17 +134,13 @@ func ParseChain(rest []byte) ([]*x509.Certificate, error) { return chain, nil } -// ParseB64Chain parses a list of base64 DER-encoded X.509 certificates, such +// ParseDerChain parses a list of base64 DER-encoded X.509 certificates, such // that the first (zero-index) string is interpretted as an end-entity // certificate and the remaining ones as the an intermediate CertPool. -func ParseB64Chain(chain []string) (*x509.Certificate, *x509.CertPool, error) { +func ParseDerChain(chain [][]byte) (*x509.Certificate, *x509.CertPool, error) { var certificate *x509.Certificate intermediatePool := x509.NewCertPool() - for index, cert := range chain { - der, err := base64.StdEncoding.DecodeString(cert) - if err != nil { - return nil, nil, fmt.Errorf("certificate decoding failed: %v", err) - } + for index, der := range chain { c, err := x509.ParseCertificate(der) if err != nil { return nil, nil, fmt.Errorf("certificate decoding failed: %v", err) @@ -163,8 +158,8 @@ func ParseB64Chain(chain []string) (*x509.Certificate, *x509.CertPool, error) { return certificate, intermediatePool, nil } -func buildChainFromB64List(lp *LogParameters, b64chain []string) ([]*x509.Certificate, error) { - certificate, intermediatePool, err := ParseB64Chain(b64chain) +func buildChainFromDerList(lp *LogParameters, derChain [][]byte) ([]*x509.Certificate, error) { + certificate, intermediatePool, err := ParseDerChain(derChain) if err != nil { return nil, err } -- cgit v1.2.3