caddypki: Return error if no PEM data found

Best guess for https://caddy.community/t/on-fly-certificate-generation-based-on-sni/14639/4
Matthew Holt 2022-01-07 10:55:11 -07:00
parent 4b9849c792
commit c634bbe9cc
No known key found for this signature in database
GPG key ID: 2A349DD577D586A5


@ -81,6 +81,9 @@ func pemEncodePrivateKey(key crypto.PrivateKey) ([]byte, error) {
// TODO: this is the same thing as in certmagic. Should we reuse that code somehow? It's unexported. // TODO: this is the same thing as in certmagic. Should we reuse that code somehow? It's unexported.
func pemDecodePrivateKey(keyPEMBytes []byte) (crypto.PrivateKey, error) { func pemDecodePrivateKey(keyPEMBytes []byte) (crypto.PrivateKey, error) {
keyBlockDER, _ := pem.Decode(keyPEMBytes) keyBlockDER, _ := pem.Decode(keyPEMBytes)
if keyBlockDER == nil {
return nil, fmt.Errorf("no PEM data found")
}
if keyBlockDER.Type != "PRIVATE KEY" && !strings.HasSuffix(keyBlockDER.Type, " PRIVATE KEY") { if keyBlockDER.Type != "PRIVATE KEY" && !strings.HasSuffix(keyBlockDER.Type, " PRIVATE KEY") {
return nil, fmt.Errorf("unknown PEM header %q", keyBlockDER.Type) return nil, fmt.Errorf("unknown PEM header %q", keyBlockDER.Type)