Details
- Improvement
- Resolution: Fixed
- Major - P3
- None
- None
- Fully Compatible
Description
    func loadCert(data []byte) ([]byte, error) {
        var certBlock *pem.Block

        for certBlock == nil {
            if data == nil || len(data) == 0 {
                return nil, errors.New(".pem file must have both a CERTIFICATE and an RSA PRIVATE KEY section")
            }

            block, rest := pem.Decode(data)
            if block == nil {
                return nil, errors.New("invalid .pem file")
            }

            switch block.Type {
            case "CERTIFICATE":
                if certBlock != nil {
                    return nil, errors.New("multiple CERTIFICATE sections in .pem file")
                }

                certBlock = block
            }

            data = rest
        }

        return certBlock.Bytes, nil
    }

The very first error is confusing; it actually indicates that no CERTIFICATE block was found (possibly because the file is empty).
The "if certBlock != nil" block is actually unreachable; the for loop ensures that certBlock is always nil. That case could actually be simplified to just "return certBlock.Bytes", and the for loop could just be "for {".
Finally, "loadCert" is actually implemented in two files, along with "addCACertFromFile"; these should be consolidated.
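One way the simplification described above could look, as an added example that is not the project's own code or the fix that was merged. The names `loadCertSimplified`, `errNoCert`, `errInvalidPEM` and `samplePEM`, the error wording, and the sample PEM sections are assumptions made for this sketch.

```go
package main

import (
	"encoding/pem"
	"errors"
	"fmt"
)

// Hypothetical error values; the messages are illustrative wording.
var (
	errNoCert     = errors.New("no CERTIFICATE section found in .pem file")
	errInvalidPEM = errors.New("invalid .pem file")
)

// loadCertSimplified returns the DER bytes of the first CERTIFICATE block.
func loadCertSimplified(data []byte) ([]byte, error) {
	for {
		if len(data) == 0 {
			// Input exhausted (or empty from the start) without a certificate.
			return nil, errNoCert
		}
		block, rest := pem.Decode(data)
		if block == nil {
			// The remaining bytes contain no PEM block at all.
			return nil, errInvalidPEM
		}
		if block.Type == "CERTIFICATE" {
			return block.Bytes, nil
		}
		data = rest // skip other sections, e.g. RSA PRIVATE KEY
	}
}

// samplePEM builds a constructed PEM section for the demo; not a real key or cert.
func samplePEM(blockType string, body []byte) []byte {
	return pem.EncodeToMemory(&pem.Block{Type: blockType, Bytes: body})
}

func main() {
	key := samplePEM("RSA PRIVATE KEY", []byte("constructed key bytes"))
	cert := samplePEM("CERTIFICATE", []byte("constructed cert bytes"))
	for _, in := range [][]byte{append(key, cert...), key, nil, []byte("not pem")} {
		der, err := loadCertSimplified(in)
		fmt.Printf("cert=%q err=%v\n", der, err)
	}
}
```

A key-only or empty file now reports that the certificate is missing, while input with no PEM block still reports an invalid file.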