From 1116cd3e51e7a56c2b941f80f8fdca0f68063972 Mon Sep 17 00:00:00 2001
From: raul
Date: Wed, 22 May 2024 16:08:57 +0200
Subject: [PATCH] Customize CA cert generation via config file

---
 cert400.toml.example | 13 ++++++++++
 cmd/generateFunc.go | 57 ++++++++++++++++++++++++++++++++++----------
 2 files changed, 57 insertions(+), 13 deletions(-)
 create mode 100644 cert400.toml.example

diff --git a/cert400.toml.example b/cert400.toml.example
new file mode 100644
index 0000000..63db725
--- /dev/null
+++ b/cert400.toml.example
@@ -0,0 +1,13 @@
+[CA]
+serial_number = 2020
+organization = "Empresa SL"
+country = "ES"
+province = "Valencia"
+locality = "Valencia"
+street_address = "C/Fake Address 123"
+postal_code = "80085"
+not_after = 1
+rsa_bitsize = 3072
+
+[Server]
+port = "1302"
diff --git a/cmd/generateFunc.go b/cmd/generateFunc.go
index d2145d7..d873d76 100644
--- a/cmd/generateFunc.go
+++ b/cmd/generateFunc.go
@@ -1,3 +1,7 @@
+/*
+Copyright © 2024 raul
+*/
+
 package cmd
 
 import (
@@ -12,6 +16,21 @@ import (
 	"math/big"
 	"os"
 	"time"
+
+	"github.com/spf13/viper"
+	//"github.com/spf13/viper"
+)
+
+var (
+	serialnumber int
+	organization string
+	country string
+	province string
+	locality string
+	streetaddress string
+	postalcode string
+	notafter int
+	RSA_bitsize int
 )
 
 func generateCA() {
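Review bot: The new import group in the `@@ -12,6 +16,21 @@` hunk keeps a commented-out duplicate `//"github.com/spf13/viper"` directly under the live import; remove it rather than merging dead text. The package-level variables added below it appear to be written only from inside `generateCA` (the later hunk assigns them there), so they would read better as locals or a single config struct, and `RSA_bitsize` does not follow Go naming — `rsaBitSize` matches the rest of the block. Since `not_after` is consumed as whole years further down, a field comment such as `notafter int // CA lifetime in years` would spare readers a trip to the `AddDate` call.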
@@ -19,24 +38,36 @@ func generateCA() {
 	if err != nil {
 		log.Fatalf("Error happened looking up user home directory: %v\n", err)
 	}
+	RSA_bitsize = viper.GetInt("CA.rsa_bitsize")
+	serialnumber = viper.GetInt("CA.serial_number")
+	organization = viper.GetString("CA.organization")
+	country = viper.GetString("CA.country")
+	province = viper.GetString("CA.province")
+	locality = viper.GetString("CA.locality")
+	streetaddress = viper.GetString("CA.street_address")
+	postalcode = viper.GetString("CA.postal_code")
+	notafter = viper.GetInt("CA.not_after")
+	// fmt.Println(serialnumber, organization, country, province, locality, streetaddress, postalcode, notafter)
+	// os.Exit(0)
+
 	ca := &x509.Certificate{
-		SerialNumber: big.NewInt(2024),
+		SerialNumber: big.NewInt(int64(serialnumber)),
 		Subject: pkix.Name{
-			Organization: []string{"Company, INC."},
-			Country: []string{"US"},
-			Province: []string{""},
-			Locality: []string{"San Francisco sucks"},
-			StreetAddress: []string{"Golden Gate Bridge"},
-			PostalCode: []string{"94016"},
+			Organization: []string{organization},
+			Country: []string{country},
+			Province: []string{province},
+			Locality: []string{locality},
+			StreetAddress: []string{streetaddress},
+			PostalCode: []string{postalcode},
 		},
 		NotBefore: time.Now(),
-		NotAfter: time.Now().AddDate(10, 0, 0),
+		NotAfter: time.Now().AddDate(notafter, 0, 0),
 		IsCA: true,
 		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
 		KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
 		BasicConstraintsValid: true,
 	}
-	caPrivKey, err := rsa.GenerateKey(rand.Reader, 3072)
+	caPrivKey, err := rsa.GenerateKey(rand.Reader, RSA_bitsize)
 	if err != nil {
 		log.Fatalf("Error happened generating private key: %v\n", err)
 	}
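Review bot: None of the values read from viper above `ca := &x509.Certificate{` are validated, and viper's Get* helpers return the zero value for a missing or mistyped key, so an absent `CA.not_after` produces a certificate whose `NotAfter` equals `NotBefore`, an absent or small `CA.rsa_bitsize` goes straight into `rsa.GenerateKey` (which, depending on the Go release, may still accept weak sizes such as 1024), and a zero or negative `CA.serial_number` reaches `big.NewInt` unchecked even though RFC 5280 requires a positive serial. A fixed serial taken from the config also means every CA generated from the same file shares issuer name and serial, which confuses path building and revocation once two such CAs exist; if reproducible serials are not a goal, drawing one from `rand.Reader` (already used for the key) is the safer default. The `// fmt.Println(...)` and `// os.Exit(0)` debugging leftovers should be removed, and the `not_after` read deserves a comment stating it is in years, since `AddDate(notafter, 0, 0)` is the only place that reveals the unit. generateCA continues outside this hunk on both sides.
```go
	// … unchanged: home directory lookup …
	RSA_bitsize = viper.GetInt("CA.rsa_bitsize")
	if RSA_bitsize < 2048 {
		log.Fatalf("CA.rsa_bitsize must be at least 2048, got %d\n", RSA_bitsize)
	}
	serialnumber = viper.GetInt("CA.serial_number")
	if serialnumber <= 0 {
		log.Fatalf("CA.serial_number must be a positive integer, got %d\n", serialnumber)
	}
	// … unchanged: organization … postalcode reads …
	notafter = viper.GetInt("CA.not_after") // CA lifetime in years
	if notafter <= 0 {
		log.Fatalf("CA.not_after must be a positive number of years, got %d\n", notafter)
	}
	// … unchanged: ca := &x509.Certificate{ … } and key generation …
```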
@@ -68,16 +99,16 @@ func generateCA() {
 		}
 	}
 
-	fmt.Printf("Generating %v/.config/cert400/server.key...\n", home)
+	fmt.Printf("Generating %v/.config/cert400/ca.key...\n", home)
 	// TODO: Check if keys already exist and warn the user about it
-	key, err := os.OpenFile(home+"/.config/cert400/server.key", os.O_WRONLY|os.O_CREATE, 0600)
+	key, err := os.OpenFile(home+"/.config/cert400/ca.key", os.O_WRONLY|os.O_CREATE, 0600)
 	if err != nil {
 		log.Fatalf("Error happened opening file: %v\n", err)
 	}
 	defer key.Close()
 
-	fmt.Printf("Generating %v/.config/cert400/server.cert...\n", home)
-	cert, err := os.OpenFile(home+"/.config/cert400/server.crt", os.O_WRONLY|os.O_CREATE, 0600)
+	fmt.Printf("Generating %v/.config/cert400/ca.cert...\n", home)
+	cert, err := os.OpenFile(home+"/.config/cert400/ca.crt", os.O_WRONLY|os.O_CREATE, 0600)
 	if err != nil {
 		log.Fatalf("Error happened opening file: %v\n", err)
 	}
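Review bot: The progress message added for the certificate names `ca.cert` while the file opened on the very next line is `ca.crt`, so the two rewritten lines disagree; change it to `fmt.Printf("Generating %v/.config/cert400/ca.crt...\n", home)`. Both rewritten `os.OpenFile` calls still open with `os.O_WRONLY|os.O_CREATE` and no `os.O_TRUNC`, so writing a shorter key or certificate over an existing longer file leaves the old tail in place and yields a corrupt PEM; `os.O_WRONLY|os.O_CREATE|os.O_EXCL` would instead refuse to clobber an existing CA private key, which is what the TODO on the context line asks for, at the cost of failing on a re-run until the old files are removed. The paths are still concatenated as `home+"/.config/cert400/..."`; `filepath.Join` is the idiomatic form, though that part is pre-existing. generateCA continues outside this hunk.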