From f23cfc9c46bf40f10f52c6a5f1898624bd3a808e Mon Sep 17 00:00:00 2001
From: Rasmus Dahlberg <rasmus.dahlberg@kau.se>
Date: Tue, 3 Nov 2020 10:45:32 +0100
Subject: moved x509 chain loading to stfe package

---
 x509.go | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

(limited to 'x509.go')

diff --git a/x509.go b/x509.go
index 491c049..e7a45e6 100644
--- a/x509.go
+++ b/x509.go
@@ -104,6 +104,37 @@ func GenV1STH(ld *LogParameters, th *TreeHeadV1) (*StItem, error) {
 	return NewSignedTreeHeadV1(th, ld.LogId, sig), nil
 }
 
+// LoadChain loads a PEM-encoded certificate chain from a given path
+func LoadChain(path string) ([]*x509.Certificate, error) {
+	blob, err := ioutil.ReadFile(path)
+	if err != nil {
+		return nil, fmt.Errorf("failed reading certificate chain: %v", err)
+	}
+	return ParseChain(blob)
+}
+
+// ParseChain parses a PEM-encoded certificate chain
+func ParseChain(rest []byte) ([]*x509.Certificate, error) {
+	var chain []*x509.Certificate
+	for len(rest) > 0 {
+		var block *pem.Block
+		block, rest = pem.Decode(rest)
+		if block == nil {
+			break
+		}
+		if block.Type != "CERTIFICATE" {
+			return nil, fmt.Errorf("unexpected pem block type: %v", block.Type)
+		}
+
+		certificate, err := x509.ParseCertificate(block.Bytes)
+		if err != nil {
+			return nil, fmt.Errorf("failed parsing x509 certificate: %v", err)
+		}
+		chain = append(chain, certificate)
+	}
+	return chain, nil
+}
+
 // ParseB64Chain parses a list of base64 DER-encoded X.509 certificates, such
 // that the first (zero-index) string is interpretted as an end-entity
 // certificate and the remaining ones as the an intermediate CertPool.
-- 
cgit v1.2.3