| 141 | } |
| 142 | |
| 143 | func pemBlockForKey(pk any, l log.Logger) *pem.Block { |
| 144 | switch k := pk.(type) { |
| 145 | case *rsa.PrivateKey: |
| 146 | return &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(k)} |
| 147 | case *ecdsa.PrivateKey: |
| 148 | b, err := x509.MarshalECPrivateKey(k) |
| 149 | if err != nil { |
| 150 | l.Fatal().Err(err).Msg("Unable to marshal ECDSA private key") |
| 151 | } |
| 152 | return &pem.Block{Type: "EC PRIVATE KEY", Bytes: b} |
| 153 | default: |
| 154 | return nil |
| 155 | } |
| 156 | } |
| 157 | |
| 158 | func ensureExistsDir(uri string) error { |
| 159 | certPath := filepath.Dir(uri) |