aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGibheer <gibheer@gmail.com>2015-03-15 20:45:35 +0100
committerGibheer <gibheer@gmail.com>2015-03-15 20:45:35 +0100
commite0ec6b1bef22bbdb9c1c773f6d33b5e1f3d2807f (patch)
tree5e14884dbc7e432ca3786c1e8f5901da4275b59f
parent09a8380b7a4165bb4004f4d3efe87ac1fa151be9 (diff)
refine certificate sign request workings
-rw-r--r--certificate.go72
1 files changed, 41 insertions, 31 deletions
diff --git a/certificate.go b/certificate.go
index 6537173..452c3ee 100644
--- a/certificate.go
+++ b/certificate.go
@@ -1,45 +1,55 @@
package pki
import (
-// "crypto/x509/pkix"
- "errors"
+ "crypto/rand"
+ "crypto/x509"
+ "crypto/x509/pkix"
+ "encoding/pem"
"net"
)
-var (
- ErrTypeMisMatch = errors.New("types mismatched")
-)
+const PemLabelCertificateRequest = "CERTIFICATE REQUEST"
type (
CertificateData struct {
- // required fields
- SerialNumber string
- CommonName string
+ Subject pkix.Name
- // alternative data
- DNSNames []string
+ DnsNames []string
EmailAddresses []string
- IPAddresses []net.IP
-
- // address data
- Country []string
- Province []string
- Locality []string
- PostalCode []string
- StreetAddress []string
- Organization []string
- OrganizationalUnit []string
+ IpAddresses []net.IP
}
+
+ Certificate x509.Certificate
+ CertificateRequest x509.CertificateRequest
)
-// create a certificate sign request with the certificate data
-//func (c *CertificateData) CreateCertificateRequest(priv PrivateKey) (*Certificate, error) {
-// csr := x509.CertificateRequest{}
-// csr.Subject := c.createSubject()
-//}
-//
-//// create a pkix.Name for the subject of a cert or csr
-//func (c *CertificateData) createSubject() (pkix.Name) {
-// name := pkix.Name{}
-// errors := make([]error, 0)
-//}
+// Create a certificate sign request from the input data and the private key of
+// the request creator.
+func (c *CertificateData) ToCertificateRequest(private_key PrivateKey) (*CertificateRequest, error) {
+ csr := &x509.CertificateRequest{}
+
+ csr.Subject = c.Subject
+ csr.DNSNames = c.DnsNames
+ csr.IPAddresses = c.IpAddresses
+ csr.EmailAddresses = c.EmailAddresses
+
+ csr_asn1, err := x509.CreateCertificateRequest(rand.Reader, csr, private_key.PrivateKey())
+ if err != nil { return nil, err }
+ return LoadCertificateSignRequest(csr_asn1)
+}
+
+// Load a certificate sign request from its asn1 representation.
+func LoadCertificateSignRequest(raw []byte) (*CertificateRequest, error) {
+ csr, err = x509.ParseCertificateRequest(csr_asn1)
+ if err != nil { return nil, err }
+ return (*CertificateRequest)(csr), nil
+}
+
+// Return the certificate sign request as a pem block.
+func (c *CertificateRequest) MarshalPem() (marshalledPemBlock, error) {
+ block := pem.Block{Type: PemLabelCertificateRequest, Bytes: c.Raw}
+ return pem.EncodeToMemory(block), nil
+}
+
+func (c *CertificateRequest) ToCertificate() {
+}