From e18d36ebae30536c77c61cd5da123991e0ca1629 Mon Sep 17 00:00:00 2001
From: Rasmus Dahlberg
Date: Sun, 31 Dec 2023 09:39:25 +0100
Subject: Add drafty prototype
---
internal/x509util/x509util.go | 44 -------------------------------------------
1 file changed, 44 deletions(-)
delete mode 100644 internal/x509util/x509util.go
(limited to 'internal/x509util/x509util.go')
diff --git a/internal/x509util/x509util.go b/internal/x509util/x509util.go
deleted file mode 100644
index 912d1b4..0000000
--- a/internal/x509util/x509util.go
+++ /dev/null
@@ -1,44 +0,0 @@
-package x509util
-
-import (
- "crypto/x509"
- "encoding/pem"
- "fmt"
-)
-
-// ParseChain parses a certificate chain in PEM format. At least one
-// certificate must be in the chain. The first certificate must be a leaf,
-// whereas all other certificates must CA certificates (intermdiates/roots).
-//
-// Note: it is not checked if the certificate chain's root is trusted or not.
-func ParseChain(b []byte) ([]x509.Certificate, error) {
- var chain []x509.Certificate
-
- for {
- block, rest := pem.Decode(b)
- if block == nil {
- break
- }
- crt, err := x509.ParseCertificate(block.Bytes)
- if err != nil {
- return nil, fmt.Errorf("parse certificate: %v", err)
- }
-
- chain = append(chain, *crt)
- b = rest
- }
-
- if len(chain) == 0 {
- return nil, fmt.Errorf("no certificates in the provided chain")
- }
- if chain[0].IsCA {
- return nil, fmt.Errorf("leaf certificate has the CA bit set")
- }
- for _, crt := range chain[1:] {
- if !crt.IsCA {
- return nil, fmt.Errorf("non-leaf certificate without the CA bit set")
- }
- }
-
- return chain, nil
-}
--
cgit v1.2.3