
Commit 31f7b95

committed
wip(examples): debug cert example
1 parent 585b788 commit 31f7b95


1 file changed

+44
-6
lines changed

1 file changed

+44
-6
lines changed

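--- a/examples/entraid/clientcert/main.go
+++ b/examples/entraid/clientcert/main.go
@@ -2,7 +2,9 @@ package main
 
 import (
 "context"
+"crypto/rsa"
 "crypto/x509"
+"encoding/base64"
 "encoding/pem"
 "fmt"
 "log"
@@ -21,7 +23,7 @@ func main() {
 // Load configuration
 cfg, err := config.LoadConfig(os.Getenv("REDIS_ENDPOINTS_CONFIG_PATH"))
 if err != nil {
-log.Fatalf("Failed to load config: %v", err)
+log.Printf("Failed to load config: %v", err)
 }
 
 // Create a confidential identity credentials provider with certificate authentication
@@ -36,11 +38,11 @@ func main() {
 },
 Scopes: cfg.GetRedisScopes(),
 ClientCert: parseCertificates(cfg.AzureCert),
-ClientPrivateKey: []byte(cfg.AzurePrivateKey),
+ClientPrivateKey: parsePrivateKey(cfg.AzurePrivateKey),
 },
 })
 if err != nil {
-log.Fatalf("Failed to create credentials provider: %v", err)
+log.Printf("Failed to create credentials provider: %v", err)
 }
 
 // Create Redis client with streaming credentials provider
@@ -102,21 +104,57 @@ func main() {
 fmt.Printf("Retrieved value from cluster: %s\n", clusterVal)
 }
 
+func decodeBase64Pem(pemData string) string {
+decoded, err := base64.StdEncoding.DecodeString(pemData)
+if err != nil {
+log.Fatalf("Failed to decode base64: %v", err)
+}
+return string(decoded)
+}
+
+func parsePrivateKey(base64data string) *rsa.PrivateKey {
+var privateKey *rsa.PrivateKey
+var err error
+decoded := decodeBase64Pem(base64data)
+pk, err := x509.ParsePKCS8PrivateKey([]byte(decoded))
+if err != nil {
+log.Printf("Failed to parse pkcs8 key: %v", err)
+}
+privateKey, _ = pk.(*rsa.PrivateKey)
+if privateKey == nil {
+pk, err = x509.ParsePKCS1PrivateKey([]byte(decoded))
+if err != nil {
+log.Printf("Failed to parse pkcs1 key: %v", err)
+}
+privateKey, _ = pk.(*rsa.PrivateKey)
+}
+return privateKey
+}
+
 func parseCertificates(pemData string) []*x509.Certificate {
 var certs []*x509.Certificate
+decoded := decodeBase64Pem(pemData)
 for {
-block, rest := pem.Decode([]byte(pemData))
+block, rest := pem.Decode([]byte(decoded))
 if block == nil {
 break
 }
 if block.Type == "CERTIFICATE" {
 cert, err := x509.ParseCertificate(block.Bytes)
 if err != nil {
-log.Fatalf("Failed to parse certificate: %v", err)
+log.Printf("Failed to parse certificate: %v", err)
 }
 certs = append(certs, cert)
 }
-pemData = string(rest)
+decoded = string(rest)
+}
+if len(certs) == 0 {
+decoded := decodeBase64Pem(pemData)
+cert, err := x509.ParseCertificate([]byte(decoded))
+if err != nil {
+log.Printf("Failed to parse certificate: %v", err)
+}
+certs = append(certs, cert)
 }
 return certs
 }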
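Review bot: The new credential-parsing paths fail open: parsePrivateKey logs both parse errors and returns a nil `*rsa.PrivateKey`, and parseCertificates still runs `certs = append(certs, cert)` after a failed `x509.ParseCertificate`, so a nil key or nil certificate is handed to the credentials provider instead of stopping. The two `log.Fatalf` to `log.Printf` changes in main() do the same for a failed config load or provider creation, and main() continues outside these hunks with whatever `cfg` and provider it got. parsePrivateKey also passes the base64-decoded bytes straight to the DER parsers; if the configured value is base64 of a PEM file, as the name decodeBase64Pem suggests, both parsers will always fail, so it should try `pem.Decode` first the way parseCertificates does. For a credential-loading example I would keep these errors fatal (or return them) and skip the append on error; one possible parsePrivateKey is below.

```go
func parsePrivateKey(base64data string) *rsa.PrivateKey {
	der := []byte(decodeBase64Pem(base64data))
	// Accept PEM-wrapped input as parseCertificates does; otherwise treat the bytes as DER.
	if block, _ := pem.Decode(der); block != nil {
		der = block.Bytes
	}
	if pk, err := x509.ParsePKCS8PrivateKey(der); err == nil {
		key, ok := pk.(*rsa.PrivateKey)
		if !ok {
			log.Fatalf("Unsupported private key type %T", pk)
		}
		return key
	}
	key, err := x509.ParsePKCS1PrivateKey(der)
	if err != nil {
		// Fail closed: never hand a nil key to the credentials provider.
		log.Fatalf("Failed to parse private key: %v", err)
	}
	return key
}
```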
