gluetun/internal/openvpn/pkcs8/algorithms.go
Quentin McGaw 4a78989d9d chore: do not use sentinel errors when unneeded
- main reason being it's a burden to always define sentinel errors at global scope, wrap them with `%w` instead of using a string directly
- only use sentinel errors when it has to be checked using `errors.Is`
- replace all usage of these sentinel errors in `fmt.Errorf` with direct strings that were in the sentinel error
- exclude the sentinel error definition requirement from .golangci.yml
- update unit tests to use ContainersError instead of ErrorIs so it stays as a "not a change detector test" without requiring a sentinel error
2026-05-02 03:29:46 +00:00


package pkcs8
import (
"crypto/x509/pkix"
"encoding/asn1"
"fmt"
)
// Algorithm identifiers are listed at
// https://www.ibm.com/docs/en/zos/2.3.0?topic=programming-object-identifiers
//
// oidDESCBC is the object identifier 1.3.14.3.2.7, which designates DES in
// CBC mode. DES has a 56-bit key and is a legacy cipher; where this package
// compares against the OID is not visible in this file.
var oidDESCBC = asn1.ObjectIdentifier{1, 3, 14, 3, 2, 7} //nolint:gochecknoglobals
// encryptedPrivateKey is the ASN.1 decoding target for an encrypted private
// key: an algorithm identifier followed by the encrypted bytes. The field
// order matters because asn1.Unmarshal fills struct fields in sequence order.
// NOTE(review): this looks like PKCS#8 EncryptedPrivateKeyInfo; confirm against callers.
type encryptedPrivateKey struct {
// EncryptionAlgorithm identifies the encryption algorithm and carries its
// raw parameters, which getEncryptionAlgorithmOid decodes further.
EncryptionAlgorithm pkix.AlgorithmIdentifier
// EncryptedData holds the encrypted key bytes; nothing in this file reads it.
EncryptedData []byte
}
// encryptedAlgorithmParams is the ASN.1 decoding target for the parameters
// of a PBES2 encryption algorithm: a key derivation function followed by an
// encryption scheme, each given as an algorithm identifier.
type encryptedAlgorithmParams struct {
// KeyDerivationFunc identifies the key derivation function; nothing in this
// file reads it.
KeyDerivationFunc pkix.AlgorithmIdentifier
// EncryptionScheme identifies the cipher; getEncryptionAlgorithmOid returns
// its Algorithm OID.
EncryptionScheme pkix.AlgorithmIdentifier
}
// getEncryptionAlgorithmOid returns the object identifier of the encryption
// scheme nested in the PBES2 parameters of a DER encoded encrypted private key.
//
// Only algorithm identifiers are decoded; nothing is decrypted here. An error
// is returned when der does not decode, when the outer encryption algorithm
// is not PBES2, or when the PBES2 parameters do not decode.
//
// Bytes that follow the decoded ASN.1 structures are not checked (the rest
// returned by asn1.Unmarshal is discarded), and the returned OID is whatever
// the input declares, so the caller decides which schemes are acceptable.
func getEncryptionAlgorithmOid(der []byte) (
	encryptionSchemeAlgorithm asn1.ObjectIdentifier, err error,
) {
	// id-PBES2: the only outer encryption algorithm accepted.
	pbes2OID := asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 5, 13}

	var keyInfo encryptedPrivateKey
	if _, err = asn1.Unmarshal(der, &keyInfo); err != nil {
		return nil, fmt.Errorf("decoding asn1 encrypted private key data: %w", err)
	}

	outer := keyInfo.EncryptionAlgorithm
	if !outer.Algorithm.Equal(pbes2OID) {
		return nil, fmt.Errorf("encryption algorithm is not PBES2: %s instead of PBES2 %s",
			outer.Algorithm, pbes2OID)
	}

	// The PBES2 parameters are themselves an ASN.1 sequence, so the raw
	// parameter bytes are decoded in a second pass.
	var params encryptedAlgorithmParams
	if _, err = asn1.Unmarshal(outer.Parameters.FullBytes, &params); err != nil {
		return nil, fmt.Errorf("decoding asn1 encryption algorithm parameters: %w", err)
	}

	return params.EncryptionScheme.Algorithm, nil
}