fix: generate non encrypted key when passphrase is empty
Some checks failed
Cadoles/go-http-peering/pipeline/head There was a failure building this commit
Some checks failed
Cadoles/go-http-peering/pipeline/head There was a failure building this commit
This commit is contained in:
parent
20c4bef161
commit
db06098fdd
@ -53,21 +53,21 @@ func DecodePEMEncryptedPrivateKey(key []byte, passphrase []byte) (*rsa.PrivateKe
|
||||
}
|
||||
|
||||
func EncodePrivateKeyToEncryptedPEM(key *rsa.PrivateKey, passphrase []byte) ([]byte, error) {
|
||||
if passphrase == nil {
|
||||
return nil, errors.New("passphrase cannot be empty")
|
||||
}
|
||||
|
||||
block := &pem.Block{
|
||||
Type: "RSA PRIVATE KEY",
|
||||
Bytes: x509.MarshalPKCS1PrivateKey(key),
|
||||
}
|
||||
|
||||
block, err := x509.EncryptPEMBlock(
|
||||
rand.Reader, block.Type,
|
||||
block.Bytes, passphrase, x509.PEMCipherAES256,
|
||||
)
|
||||
if err != nil {
|
||||
return nil, errors.WithStack(err)
|
||||
if len(passphrase) != 0 {
|
||||
encryptedBlock, err := x509.EncryptPEMBlock(
|
||||
rand.Reader, block.Type,
|
||||
block.Bytes, passphrase, x509.PEMCipherAES256,
|
||||
)
|
||||
if err != nil {
|
||||
return nil, errors.WithStack(err)
|
||||
}
|
||||
|
||||
block = encryptedBlock
|
||||
}
|
||||
|
||||
return pem.EncodeToMemory(block), nil
|
||||
|
Loading…
Reference in New Issue
Block a user