| author | James Elliott <james-d-elliott@users.noreply.github.com> | 2022-10-03 11:52:29 +1100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-10-03 11:52:29 +1100 |
| commit | 3f39914c8f4dcaa63d56de579143fc8378afb9b0 (patch) | |
| tree | a3470adaff418c3bba79846e777d94c634b8df58 /internal/configuration/decode_hooks.go | |
| parent | 32bd2eba60e49a7848ebf6adff1ebaa75f903e41 (diff) | |
refactor: private key decoding and generators (#4116)
Diffstat (limited to 'internal/configuration/decode_hooks.go')
| -rw-r--r-- | internal/configuration/decode_hooks.go | 48 |
1 files changed, 37 insertions, 11 deletions
diff --git a/internal/configuration/decode_hooks.go b/internal/configuration/decode_hooks.go
index 31f657f37..9dd236690 100644
--- a/internal/configuration/decode_hooks.go
+++ b/internal/configuration/decode_hooks.go
@@ -1,6 +1,7 @@
 package configuration
 import (
+ "crypto/ecdsa"
 "crypto/rsa"
 "crypto/x509"
 "fmt"
@@ -343,8 +344,8 @@ func StringToX509CertificateChainHookFunc() mapstructure.DecodeHookFuncType {
 }
 }
-// StringToRSAPrivateKeyHookFunc decodes strings to rsa.PrivateKey's.
-func StringToRSAPrivateKeyHookFunc() mapstructure.DecodeHookFuncType {
+// StringToPrivateKeyHookFunc decodes strings to rsa.PrivateKey's.
+func StringToPrivateKeyHookFunc() mapstructure.DecodeHookFuncType {
 return func(f reflect.Type, t reflect.Type, data interface{}) (value interface{}, err error) {
 if f.Kind() != reflect.String {
 return data, nil
@@ -354,21 +355,36 @@ func StringToRSAPrivateKeyHookFunc() mapstructure.DecodeHookFuncType {
 return data, nil
 }
- expectedType := reflect.TypeOf(rsa.PrivateKey{})
+ expectedTypeRSA := reflect.TypeOf(rsa.PrivateKey{})
+ expectedTypeECDSA := reflect.TypeOf(ecdsa.PrivateKey{})
- if t.Elem() != expectedType {
- return data, nil
- }
+ var (
+ i any
+ expectedType reflect.Type
+ )
 dataStr := data.(string)
- var result *rsa.PrivateKey
+ switch t.Elem() {
+ case expectedTypeRSA:
+ var result *rsa.PrivateKey
- if dataStr == "" {
- return result, nil
- }
+ if dataStr == "" {
+ return result, nil
+ }
- var i interface{}
+ expectedType = expectedTypeRSA
+ case expectedTypeECDSA:
+ var result *ecdsa.PrivateKey
+
+ if dataStr == "" {
+ return result, nil
+ }
+
+ expectedType = expectedTypeECDSA
+ default:
+ return data, nil
+ }
 if i, err = utils.ParseX509FromPEM([]byte(dataStr)); err != nil {
 return nil, fmt.Errorf(errFmtDecodeHookCouldNotParseBasic, "*", expectedType, err)
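Review bot: The doc comment carried onto the renamed `StringToPrivateKeyHookFunc` (hunk at -343) still says it decodes to rsa.PrivateKey's, while the later hunks make the same hook return ECDSA keys as well. I would reword it to `// StringToPrivateKeyHookFunc decodes PEM strings to *rsa.PrivateKey or *ecdsa.PrivateKey values.` and add a sentence that an empty string decodes to a nil key with no error. The function body continues past this hunk.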
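Review bot: Both arms of the new `switch t.Elem()` (hunk at -354) repeat the same empty-string early return and differ only in the nil pointer type they hand back, so a third key type would need a third copy. The arms could just set `expectedType`, followed by a single `if dataStr == "" { return reflect.Zero(t).Interface(), nil }` after the switch; this assumes the guard just above the hunk, which is not fully visible here, restricts `t` to a pointer type. Since an empty value yields a nil key and no error, it is worth a comment stating that whatever validates the configuration must reject a nil key before it is used for signing. The function starts and ends outside this hunk.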
@@ -376,6 +392,16 @@ func StringToRSAPrivateKeyHookFunc() mapstructure.DecodeHookFuncType {
 switch r := i.(type) {
 case *rsa.PrivateKey:
+ if expectedType != expectedTypeRSA {
+ return nil, fmt.Errorf(errFmtDecodeHookCouldNotParseBasic, "*", expectedType, fmt.Errorf("the data is for a %T not a *%s", r, expectedType))
+ }
+
+ return r, nil
+ case *ecdsa.PrivateKey:
+ if expectedType != expectedTypeECDSA {
+ return nil, fmt.Errorf(errFmtDecodeHookCouldNotParseBasic, "*", expectedType, fmt.Errorf("the data is for a %T not a *%s", r, expectedType))
+ }
+
 return r, nil
 default:
 return nil, fmt.Errorf(errFmtDecodeHookCouldNotParseBasic, "*", expectedType, fmt.Errorf("the data is for a %T not a *%s", r, expectedType))
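Review bot: The same mismatch error is now written out three times in this type switch, once per key type plus the default arm, and each key type is paired with its expected type by hand. A single arm `case *rsa.PrivateKey, *ecdsa.PrivateKey:` containing `if reflect.TypeOf(r).Elem() == expectedType { return r, nil }` would express the check once, with the existing error moved after the switch and formatted with `i` instead of `r`. That keeps the "parsed key type must equal the type the field asked for" rule in one place, so a key type added later cannot be accepted in one arm and forgotten in the other. Keeping `%T` in the message is right, since it prints only the type name and never key material. The switch opens in this hunk but closes outside it.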
