
Commit b01271c

committed
wip(examples): debug cert example
1 parent 585b788 commit b01271c


1 file changed

+42
-3
lines changed

1 file changed

+42
-3
lines changed

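--- a/examples/entraid/clientcert/main.go
+++ b/examples/entraid/clientcert/main.go
@@ -2,7 +2,9 @@ package main
 
 import (
 "context"
+"crypto/rsa"
 "crypto/x509"
+"encoding/base64"
 "encoding/pem"
 "fmt"
 "log"
@@ -23,6 +25,8 @@ func main() {
 if err != nil {
 log.Fatalf("Failed to load config: %v", err)
 }
+fmt.Println(cfg)
+fmt.Println(cfg.AzureCert)
 
 // Create a confidential identity credentials provider with certificate authentication
 cp, err := entraid.NewConfidentialCredentialsProvider(entraid.ConfidentialCredentialsProviderOptions{
@@ -36,7 +40,7 @@ func main() {
 },
 Scopes: cfg.GetRedisScopes(),
 ClientCert: parseCertificates(cfg.AzureCert),
-ClientPrivateKey: []byte(cfg.AzurePrivateKey),
+ClientPrivateKey: parsePrivateKey(cfg.AzurePrivateKey),
 },
 })
 if err != nil {
@@ -102,10 +106,37 @@ func main() {
 fmt.Printf("Retrieved value from cluster: %s\n", clusterVal)
 }
 
+func decodeBase64Pem(pemData string) string {
+decoded, err := base64.StdEncoding.DecodeString(pemData)
+if err != nil {
+log.Fatalf("Failed to decode base64: %v", err)
+}
+return string(decoded)
+}
+
+func parsePrivateKey(base64data string) *rsa.PrivateKey {
+var privateKey *rsa.PrivateKey
+var err error
+pk, err := x509.ParsePKCS8PrivateKey([]byte(base64data))
+if err != nil {
+log.Printf("Failed to parse pkcs8 key: %v", err)
+} else {
+privateKey, _ = pk.(*rsa.PrivateKey)
+return privateKey
+}
+pk, err = x509.ParsePKCS1PrivateKey([]byte(base64data))
+if err != nil {
+log.Fatalf("Failed to parse pkcs1 key: %v", err)
+}
+privateKey, _ = pk.(*rsa.PrivateKey)
+return privateKey
+}
+
 func parseCertificates(pemData string) []*x509.Certificate {
 var certs []*x509.Certificate
+decoded := decodeBase64Pem(pemData)
 for {
-block, rest := pem.Decode([]byte(pemData))
+block, rest := pem.Decode([]byte(decoded))
 if block == nil {
 break
 }
@@ -116,7 +147,15 @@ func parseCertificates(pemData string) []*x509.Certificate {
 }
 certs = append(certs, cert)
 }
-pemData = string(rest)
+decoded = string(rest)
+}
+if len(certs) == 0 {
+decoded := decodeBase64Pem(pemData)
+cert, err := x509.ParseCertificate([]byte(decoded))
+if err != nil {
+log.Fatalf("Failed to parse certificate: %v", err)
+}
+certs = append(certs, cert)
 }
 return certs
 }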
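Review bot: The added `fmt.Println(cfg)` in main writes the whole loaded configuration to stdout, and because `cfg.AzurePrivateKey` is a field of that same value, the private key presumably ends up in terminal scrollback and CI logs unless the config type defines its own String method; remove both debug prints before this leaves wip, or print only fields that are not secret. In parsePrivateKey the `ok` result of `pk.(*rsa.PrivateKey)` is discarded, so a PKCS#8 key that is not RSA returns a nil key with no error; use `key, ok := pk.(*rsa.PrivateKey)` and call `log.Fatalf("unsupported private key type %T", pk)` when `!ok`. The parameter is named `base64data` but goes straight into the DER parsers without the base64 and PEM decoding that parseCertificates applies, so a `decodeBase64Pem` plus `pem.Decode` step looks to be missing if the key is stored the same way as the certificate. main's body starts and ends outside the hunks shown.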
