Skip to content

Commit

Permalink
tls/config: Disable linting for deprecated x509.IsEncryptedPEMBlock &…
Browse files Browse the repository at this point in the history 
… x509.DecryptPEMBlock
  • Loading branch information
@rajiv-k
rajiv-k committed May 11, 2023
1 parent 9d12809 commit fa044be
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions plugins/common/tls/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -242,6 +242,7 @@ func loadCertificate(config *tls.Config, certFile, keyFile, privateKeyPassphrase
if keyPEMBlock == nil {
return errors.New("failed to decode private key: no PEM data found")
}
//nolint:staticcheck // SA1019 Disable linting for deprecated x509.IsEncryptedPEMBlock call
if x509.IsEncryptedPEMBlock(keyPEMBlock) {
// The key is an encrypted private key with the DEK information header.
// Example: An encrypted key generated by the `ssh-keygen` utility, like so:
Expand All @@ -250,6 +251,7 @@ func loadCertificate(config *tls.Config, certFile, keyFile, privateKeyPassphrase
return errors.New("missing password for PKCS#1 encrypted private key")
}
var decryptedKey []byte
//nolint:staticcheck // SA1019 Disable linting for deprecated x509.DecryptPEMBlock call
if decryptedKey, err = x509.DecryptPEMBlock(keyPEMBlock, []byte(privateKeyPassphrase)); err != nil {
return fmt.Errorf("failed to parse encrypted PKCS#1 private key: %w", err)
}
Expand Down

0 comments on commit fa044be

Please sign in to comment.