mirror of
https://github.com/coredns/coredns.git
synced 2025-11-03 10:43:20 -05:00
58 lines
1.2 KiB
Go
58 lines
1.2 KiB
Go
|
package https
|
||
|
|
|
||
|
|
import (
|
||
|
|
"crypto"
|
||
|
|
"crypto/ecdsa"
|
||
|
|
"crypto/rsa"
|
||
|
|
"crypto/x509"
|
||
|
|
"encoding/pem"
|
||
|
|
"errors"
|
||
|
|
"io/ioutil"
|
||
|
|
"os"
|
||
|
|
)
|
||
|
|
|
||
|
|
// loadPrivateKey loads a PEM-encoded ECC/RSA private key from file.
|
||
|
|
func loadPrivateKey(file string) (crypto.PrivateKey, error) {
|
||
|
|
keyBytes, err := ioutil.ReadFile(file)
|
||
|
|
if err != nil {
|
||
|
|
return nil, err
|
||
|
|
}
|
||
|
|
keyBlock, _ := pem.Decode(keyBytes)
|
||
|
|
|
||
|
|
switch keyBlock.Type {
|
||
|
|
case "RSA PRIVATE KEY":
|
||
|
|
return x509.ParsePKCS1PrivateKey(keyBlock.Bytes)
|
||
|
|
case "EC PRIVATE KEY":
|
||
|
|
return x509.ParseECPrivateKey(keyBlock.Bytes)
|
||
|
|
}
|
||
|
|
|
||
|
|
return nil, errors.New("unknown private key type")
|
||
|
|
}
|
||
|
|
|
||
|
|
// savePrivateKey saves a PEM-encoded ECC/RSA private key to file.
|
||
|
|
func savePrivateKey(key crypto.PrivateKey, file string) error {
|
||
|
|
var pemType string
|
||
|
|
var keyBytes []byte
|
||
|
|
switch key := key.(type) {
|
||
|
|
case *ecdsa.PrivateKey:
|
||
|
|
var err error
|
||
|
|
pemType = "EC"
|
||
|
|
keyBytes, err = x509.MarshalECPrivateKey(key)
|
||
|
|
if err != nil {
|
||
|
|
return err
|
||
|
|
}
|
||
|
|
case *rsa.PrivateKey:
|
||
|
|
pemType = "RSA"
|
||
|
|
keyBytes = x509.MarshalPKCS1PrivateKey(key)
|
||
|
|
}
|
||
|
|
|
||
|
|
pemKey := pem.Block{Type: pemType + " PRIVATE KEY", Bytes: keyBytes}
|
||
|
|
keyOut, err := os.Create(file)
|
||
|
|
if err != nil {
|
||
|
|
return err
|
||
|
|
}
|
||
|
|
keyOut.Chmod(0600)
|
||
|
|
defer keyOut.Close()
|
||
|
|
return pem.Encode(keyOut, &pemKey)
|
||
|
|
}
|