fix: generate non encrypted key when passphrase is empty
Some checks failed
Cadoles/go-http-peering/pipeline/head There was a failure building this commit

This commit is contained in:
wpetit 2024-01-05 09:55:10 +01:00
parent 20c4bef161
commit db06098fdd

View File

@ -53,21 +53,21 @@ func DecodePEMEncryptedPrivateKey(key []byte, passphrase []byte) (*rsa.PrivateKe
}
func EncodePrivateKeyToEncryptedPEM(key *rsa.PrivateKey, passphrase []byte) ([]byte, error) {
if passphrase == nil {
return nil, errors.New("passphrase cannot be empty")
}
block := &pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: x509.MarshalPKCS1PrivateKey(key),
}
block, err := x509.EncryptPEMBlock(
rand.Reader, block.Type,
block.Bytes, passphrase, x509.PEMCipherAES256,
)
if err != nil {
return nil, errors.WithStack(err)
if len(passphrase) != 0 {
encryptedBlock, err := x509.EncryptPEMBlock(
rand.Reader, block.Type,
block.Bytes, passphrase, x509.PEMCipherAES256,
)
if err != nil {
return nil, errors.WithStack(err)
}
block = encryptedBlock
}
return pem.EncodeToMemory(block), nil