27 lines
666 B
Bash
27 lines
666 B
Bash
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
if [ -z "${RSA_PRIVATE_KEY_BASE64:-}" ]; then
|
|
echo "RSA_PRIVATE_KEY_BASE64 is not set"
|
|
exit 2
|
|
fi
|
|
|
|
# Try decode base64
|
|
if echo "$RSA_PRIVATE_KEY_BASE64" | base64 -d > /tmp/rsa_key.pem 2>/dev/null; then
|
|
:
|
|
else
|
|
# Try replacing literal \n
|
|
echo "Attempting to replace literal \n and write PEM"
|
|
printf '%b' "$RSA_PRIVATE_KEY_BASE64" > /tmp/rsa_key.pem
|
|
fi
|
|
|
|
# Validate with openssl
|
|
if openssl pkey -in /tmp/rsa_key.pem -noout -text >/dev/null 2>&1; then
|
|
echo "RSA private key is valid PEM"
|
|
exit 0
|
|
else
|
|
echo "RSA private key is invalid"
|
|
echo "Preview (first 20 lines):"
|
|
sed -n '1,20p' /tmp/rsa_key.pem
|
|
exit 1
|
|
fi
|