Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
K
k3s
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Jacklull
k3s
Commits
efd19d3c
Unverified
Commit
efd19d3c
authored
Nov 12, 2018
by
k8s-ci-robot
Committed by
GitHub
Nov 12, 2018
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #70970 from awly/unexport-csr-parsecsr
Unexport csr.ParseCSR
parents
27cf50d8
41334cfd
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
10 additions
and
15 deletions
+10
-15
csr.go
staging/src/k8s.io/client-go/util/certificate/csr/csr.go
+10
-15
No files found.
staging/src/k8s.io/client-go/util/certificate/csr/csr.go
View file @
efd19d3c
...
...
@@ -202,23 +202,23 @@ func digestedName(privateKeyData []byte, subject *pkix.Name, usages []certificat
// ensureCompatible ensures that a CSR object is compatible with an original CSR
func
ensureCompatible
(
new
,
orig
*
certificates
.
CertificateSigningRequest
,
privateKey
interface
{})
error
{
newC
sr
,
err
:=
P
arseCSR
(
new
)
newC
SR
,
err
:=
p
arseCSR
(
new
)
if
err
!=
nil
{
return
fmt
.
Errorf
(
"unable to parse new csr: %v"
,
err
)
}
origC
sr
,
err
:=
P
arseCSR
(
orig
)
origC
SR
,
err
:=
p
arseCSR
(
orig
)
if
err
!=
nil
{
return
fmt
.
Errorf
(
"unable to parse original csr: %v"
,
err
)
}
if
!
reflect
.
DeepEqual
(
newC
sr
.
Subject
,
origCsr
.
Subject
)
{
return
fmt
.
Errorf
(
"csr subjects differ: new: %#v, orig: %#v"
,
newC
sr
.
Subject
,
origCsr
.
Subject
)
if
!
reflect
.
DeepEqual
(
newC
SR
.
Subject
,
origCSR
.
Subject
)
{
return
fmt
.
Errorf
(
"csr subjects differ: new: %#v, orig: %#v"
,
newC
SR
.
Subject
,
origCSR
.
Subject
)
}
signer
,
ok
:=
privateKey
.
(
crypto
.
Signer
)
if
!
ok
{
return
fmt
.
Errorf
(
"privateKey is not a signer"
)
}
newC
sr
.
PublicKey
=
signer
.
Public
()
if
err
:=
newC
sr
.
CheckSignature
();
err
!=
nil
{
newC
SR
.
PublicKey
=
signer
.
Public
()
if
err
:=
newC
SR
.
CheckSignature
();
err
!=
nil
{
return
fmt
.
Errorf
(
"error validating signature new CSR against old key: %v"
,
err
)
}
if
len
(
new
.
Status
.
Certificate
)
>
0
{
...
...
@@ -247,17 +247,12 @@ func formatError(format string, err error) error {
return
fmt
.
Errorf
(
format
,
err
)
}
//
P
arseCSR extracts the CSR from the API object and decodes it.
func
P
arseCSR
(
obj
*
certificates
.
CertificateSigningRequest
)
(
*
x509
.
CertificateRequest
,
error
)
{
//
p
arseCSR extracts the CSR from the API object and decodes it.
func
p
arseCSR
(
obj
*
certificates
.
CertificateSigningRequest
)
(
*
x509
.
CertificateRequest
,
error
)
{
// extract PEM from request object
pemBytes
:=
obj
.
Spec
.
Request
block
,
_
:=
pem
.
Decode
(
pemBytes
)
block
,
_
:=
pem
.
Decode
(
obj
.
Spec
.
Request
)
if
block
==
nil
||
block
.
Type
!=
"CERTIFICATE REQUEST"
{
return
nil
,
fmt
.
Errorf
(
"PEM block type must be CERTIFICATE REQUEST"
)
}
csr
,
err
:=
x509
.
ParseCertificateRequest
(
block
.
Bytes
)
if
err
!=
nil
{
return
nil
,
err
}
return
csr
,
nil
return
x509
.
ParseCertificateRequest
(
block
.
Bytes
)
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment