From 5a0e418281c05f069c7b70bfa3132b258740ece6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sigrid=20Solveig=20Hafl=C3=ADnud=C3=B3ttir?=
Date: Wed, 30 Nov 2022 23:13:13 +0100
Subject: [PATCH] [feature] Support PKCS1 "RSA PUBLIC KEY" pem block type (#1179)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* ap: add support for PKCS1 "RSA PUBLIC KEY" pem block type
Signed-off-by: Sigrid Solveig Haflínudóttir
* ap: report no PEM data or unknown pem block type
Signed-off-by: Sigrid Solveig Haflínudóttir
Signed-off-by: Sigrid Solveig Haflínudóttir
---
 internal/ap/extract.go | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/internal/ap/extract.go b/internal/ap/extract.go
index a7a46e51c..74bc94f18 100644
--- a/internal/ap/extract.go
+++ b/internal/ap/extract.go
@@ -22,6 +22,7 @@
 package ap
 
 import (
+ "crypto"
 "crypto/rsa"
 "crypto/x509"
 "encoding/pem"
@@ -318,18 +319,24 @@ func ExtractPublicKeyForOwner(i WithPublicKey, forOwner *url.URL) (*rsa.PublicKe
 }
 
 block, _ := pem.Decode([]byte(pkeyPem))
- if block == nil || block.Type != "PUBLIC KEY" {
- return nil, nil, errors.New("could not decode publicKeyPem to PUBLIC KEY pem block type")
+ if block == nil {
+ return nil, nil, errors.New("could not decode publicKeyPem: no PEM data")
+ }
+ var p crypto.PublicKey
+ switch block.Type {
+ case "PUBLIC KEY":
+ p, err = x509.ParsePKIXPublicKey(block.Bytes)
+ case "RSA PUBLIC KEY":
+ p, err = x509.ParsePKCS1PublicKey(block.Bytes)
+ default:
+ return nil, nil, fmt.Errorf("could not parse public key: unknown block type: %q", block.Type)
 }
-
- p, err := x509.ParsePKIXPublicKey(block.Bytes)
 if err != nil {
 return nil, nil, fmt.Errorf("could not parse public key from block bytes: %s", err)
 }
 if p == nil {
 return nil, nil, errors.New("returned public key was empty")
 }
-
 if publicKey, ok := p.(*rsa.PublicKey); ok {
 return publicKey, pkeyID, nil
 }
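Review bot: In the `case "RSA PUBLIC KEY":` branch the later `if p == nil` guard cannot fire, because `x509.ParsePKCS1PublicKey` returns a concrete `*rsa.PublicKey` and storing it in the `crypto.PublicKey` interface gives a non-nil interface even when the pointer itself is nil. The `err != nil` check that runs first covers that path today, so nothing is broken as written, but the guard reads as protection it does not give; I would add `// p may wrap a typed nil from ParsePKCS1PublicKey; err is the authoritative check` above it. The diffstat lists only `internal/ap/extract.go`, so no test in this commit pins the new branches; since `publicKeyPem` is presumably taken from a remote document, cases for a PKCS1 block, an unknown block type and input with no PEM data would be worth adding. ExtractPublicKeyForOwner starts and ends outside the hunk.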