distribution/vendor/github.com/aws/aws-sdk-go/service/cloudfront/sign/privkey.go

package sign

import (
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"io"
	"io/ioutil"
	"os"
)

// LoadPEMPrivKeyFile reads a PEM encoded RSA private key from the file name.
// A new RSA private key will be returned if no error.
func LoadPEMPrivKeyFile(name string) (*rsa.PrivateKey, error) {
	file, err := os.Open(name)
	if err != nil {
		return nil, err
	}
	defer file.Close()

	return LoadPEMPrivKey(file)
}

// LoadPEMPrivKey reads a PEM encoded RSA private key from the io.Reader.
// A new RSA private key will be returned if no error.
func LoadPEMPrivKey(reader io.Reader) (*rsa.PrivateKey, error) {
	block, err := loadPem(reader)
	if err != nil {
		return nil, err
	}

	return x509.ParsePKCS1PrivateKey(block.Bytes)
}

// LoadEncryptedPEMPrivKey decrypts the PEM encoded private key using the
// password provided returning a RSA private key. If the PEM data is invalid,
// or unable to decrypt an error will be returned.
func LoadEncryptedPEMPrivKey(reader io.Reader, password []byte) (*rsa.PrivateKey, error) {
	block, err := loadPem(reader)
	if err != nil {
		return nil, err
	}

	decryptedBlock, err := x509.DecryptPEMBlock(block, password)
	if err != nil {
		return nil, err
	}

	return x509.ParsePKCS1PrivateKey(decryptedBlock)
}

func loadPem(reader io.Reader) (*pem.Block, error) {
	b, err := ioutil.ReadAll(reader)
	if err != nil {
		return nil, err
	}

	block, _ := pem.Decode(b)
	if block == nil {
		// pem.Decode will set block to nil if there is no PEM data in the input
		// the second parameter will contain the provided bytes that failed
		// to be decoded.
		return nil, fmt.Errorf("no valid PEM data provided")
	}

	return block, nil
}
Adds new s3 driver using aws-sdk-go instead of goamz Keeps old s3 driver, renames to s3goamz, registers new s3 driver as both "s3" and "s3aws" Changes cloudfront middleware to use aws-sdk-go Signed-off-by: Brian Bland <brian.bland@docker.com> 2016-01-22 02:17:53 +00:00			`package sign`

			`import (`
			`"crypto/rsa"`
			`"crypto/x509"`
			`"encoding/pem"`
			`"fmt"`
			`"io"`
			`"io/ioutil"`
			`"os"`
			`)`

			`// LoadPEMPrivKeyFile reads a PEM encoded RSA private key from the file name.`
			`// A new RSA private key will be returned if no error.`
			`func LoadPEMPrivKeyFile(name string) (*rsa.PrivateKey, error) {`
			`file, err := os.Open(name)`
			`if err != nil {`
			`return nil, err`
			`}`
			`defer file.Close()`

			`return LoadPEMPrivKey(file)`
			`}`

			`// LoadPEMPrivKey reads a PEM encoded RSA private key from the io.Reader.`
			`// A new RSA private key will be returned if no error.`
			`func LoadPEMPrivKey(reader io.Reader) (*rsa.PrivateKey, error) {`
			`block, err := loadPem(reader)`
			`if err != nil {`
			`return nil, err`
			`}`

			`return x509.ParsePKCS1PrivateKey(block.Bytes)`
			`}`

			`// LoadEncryptedPEMPrivKey decrypts the PEM encoded private key using the`
			`// password provided returning a RSA private key. If the PEM data is invalid,`
			`// or unable to decrypt an error will be returned.`
			`func LoadEncryptedPEMPrivKey(reader io.Reader, password []byte) (*rsa.PrivateKey, error) {`
			`block, err := loadPem(reader)`
			`if err != nil {`
			`return nil, err`
			`}`

			`decryptedBlock, err := x509.DecryptPEMBlock(block, password)`
			`if err != nil {`
			`return nil, err`
			`}`

			`return x509.ParsePKCS1PrivateKey(decryptedBlock)`
			`}`

			`func loadPem(reader io.Reader) (*pem.Block, error) {`
			`b, err := ioutil.ReadAll(reader)`
			`if err != nil {`
			`return nil, err`
			`}`

			`block, _ := pem.Decode(b)`
			`if block == nil {`
			`// pem.Decode will set block to nil if there is no PEM data in the input`
			`// the second parameter will contain the provided bytes that failed`
			`// to be decoded.`
			`return nil, fmt.Errorf("no valid PEM data provided")`
			`}`

			`return block, nil`
			`}`