raul
/
cert400
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Prepare client certificate generation

This commit is contained in:
raul 2024-05-22 16:38:03 +02:00
parent 47ebd58e4e
commit b1ea9e2912
1 changed files with 72 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

100
cmd/generateFunc.go
View File

@ -12,13 +12,13 @@ import (
"crypto/x509/pkix" "crypto/x509/pkix"
"encoding/pem" "encoding/pem"
"fmt" "fmt"
"io"
"log" "log"
"math/big" "math/big"
"os" "os"
"time" "time"
"github.com/spf13/viper" "github.com/spf13/viper"
//"github.com/spf13/viper"
) )
var ( var (
@ -126,37 +126,81 @@ func generateCA() {
Type: "RSA PRIVATE KEY", Type: "RSA PRIVATE KEY",
Bytes: x509.MarshalPKCS1PrivateKey(caPrivKey), Bytes: x509.MarshalPKCS1PrivateKey(caPrivKey),
}) })
// readCert, err := io.ReadAll(caPEM)
// if err != nil {
// log.Fatalf("Error happened preparing to write cert: %v\n", err)
// }
cert.WriteString(string(caPEM.Bytes())) cert.WriteString(string(caPEM.Bytes()))
// readKey, err := io.ReadAll(caPrivKeyPEM)
// if err != nil {
// log.Fatalf("Error happened preparing to write key: %v\n", err)
// }
key.WriteString(string(caPrivKeyPEM.Bytes())) key.WriteString(string(caPrivKeyPEM.Bytes()))
} }
func generateCert() { func generateCert() {
// cert := &x509.Certificate{ home, err := os.UserHomeDir()
// SerialNumber: big.NewInt(1658), if err != nil {
// Subject: pkix.Name{ log.Fatalf("Error happened looking up user home directory: %v\n", err)
// Organization: []string{"LOL Company"}, }
// Country: []string{"US"}, cert := &x509.Certificate{
// Province: []string{""}, SerialNumber: big.NewInt(1658),
// Locality: []string{"San Francisco"}, Subject: pkix.Name{
// StreetAddress: []string{"Golden Gate Bridge"}, Organization: []string{"LOL Company"},
// PostalCode: []string{"94016"}, Country: []string{"US"},
// }, Province: []string{""},
// PermittedDNSDomains: []string{"test.bulgariu.xyz"}, Locality: []string{"San Francisco"},
// NotBefore: time.Now(), StreetAddress: []string{"Golden Gate Bridge"},
// NotAfter: time.Now().AddDate(10, 0, 0), PostalCode: []string{"94016"},
// SubjectKeyId: []byte{1, 2, 3, 4, 6}, },
// ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth}, PermittedDNSDomains: []string{"test.bulgariu.xyz"},
// KeyUsage: x509.KeyUsageDigitalSignature, NotBefore: time.Now(),
// } NotAfter: time.Now().AddDate(10, 0, 0),
SubjectKeyId: []byte{1, 2, 3, 4, 6},
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
KeyUsage: x509.KeyUsageDigitalSignature,
}
certPrivKey, err := rsa.GenerateKey(rand.Reader, 4096)
if err != nil {
log.Print(err)
}
////////////////////// Fetching CA data //////////////////////
caPath, err := os.Open(home + "/.config/cert400/ca.crt")
if err != nil {
log.Print(err)
}
defer caPath.Close()
caPrivPath, err := os.Open(home + "/.config/cert400/ca.key")
if err != nil {
log.Print(err)
}
defer caPrivPath.Close()
//////////////////////////////////////////////////////////////
caFile, err := io.ReadAll(caPath)
if err != nil {
log.Print(err)
}
caCert, err := x509.ParseCertificate(caFile)
if err != nil {
log.Print(err)
}
caPrivFile, err := io.ReadAll(caPrivPath)
if err != nil {
log.Print(err)
}
caPrivKey, err := x509.ParseCertificate(caPrivFile)
certBytes, err := x509.CreateCertificate(rand.Reader, cert, caCert, &certPrivKey.PublicKey, caPrivKey)
if err != nil {
log.Print(err)
}
certPEM := new(bytes.Buffer)
pem.Encode(certPEM, &pem.Block{
Type: "CERTIFICATE",
Bytes: certBytes,
})
certPrivKeyPEM := new(bytes.Buffer)
pem.Encode(certPrivKeyPEM, &pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: x509.MarshalPKCS1PrivateKey(certPrivKey),
})
} }