aboutsummaryrefslogtreecommitdiff
path: root/certificate.go
diff options
context:
space:
mode:
authorGibheer <gibheer@gmail.com>2015-03-15 21:38:04 +0100
committerGibheer <gibheer@gmail.com>2015-03-15 21:38:04 +0100
commitd4d2d4c09ba082113e0ea232149d50c9c8b9cbfd (patch)
tree764b63a58da03093a9fb71ed276e7d87f162d81d /certificate.go
parente0ec6b1bef22bbdb9c1c773f6d33b5e1f3d2807f (diff)
add certificate functionality
Diffstat (limited to 'certificate.go')
-rw-r--r--certificate.go36
1 files changed, 33 insertions, 3 deletions
diff --git a/certificate.go b/certificate.go
index 452c3ee..b597834 100644
--- a/certificate.go
+++ b/certificate.go
@@ -23,6 +23,10 @@ type (
CertificateRequest x509.CertificateRequest
)
+func NewCertificateData() *CertificateData {
+ return &CertificateData{Subject: pkix.Name{}}
+}
+
// Create a certificate sign request from the input data and the private key of
// the request creator.
func (c *CertificateData) ToCertificateRequest(private_key PrivateKey) (*CertificateRequest, error) {
@@ -40,16 +44,42 @@ func (c *CertificateData) ToCertificateRequest(private_key PrivateKey) (*Certifi
// Load a certificate sign request from its asn1 representation.
func LoadCertificateSignRequest(raw []byte) (*CertificateRequest, error) {
- csr, err = x509.ParseCertificateRequest(csr_asn1)
+ csr, err := x509.ParseCertificateRequest(raw)
if err != nil { return nil, err }
return (*CertificateRequest)(csr), nil
}
// Return the certificate sign request as a pem block.
func (c *CertificateRequest) MarshalPem() (marshalledPemBlock, error) {
- block := pem.Block{Type: PemLabelCertificateRequest, Bytes: c.Raw}
+ block := &pem.Block{Type: PemLabelCertificateRequest, Bytes: c.Raw}
return pem.EncodeToMemory(block), nil
}
-func (c *CertificateRequest) ToCertificate() {
+// Convert the certificate sign request to a certificate using the private key
+// of the signer and the certificate of the signer.
+// If the certificate is null, the sign request will be used to sign itself.
+// For more information, please read http://golang.org/pkg/crypto/x509/#CreateCertificate
+func (c *CertificateRequest) ToCertificate(private_key PrivateKey, ca *Certificate) (*Certificate, error) {
+ template := &x509.Certificate{}
+ template.Subject = c.Subject
+ template.DNSNames = c.DNSNames
+ template.IPAddresses = c.IPAddresses
+ template.EmailAddresses = c.EmailAddresses
+
+ var cert_asn1 []byte
+ var err error
+ if ca == nil {
+ cert_asn1, err = x509.CreateCertificate(rand.Reader, template, template, c.PublicKey, private_key)
+ } else {
+ cert_asn1, err = x509.CreateCertificate(rand.Reader, template, (*x509.Certificate)(ca), c.PublicKey, private_key)
+ }
+ if err != nil { return nil, err }
+ return LoadCertificate(cert_asn1)
+}
+
+// Load a certificate from its asn1 representation.
+func LoadCertificate(raw []byte) (*Certificate, error) {
+ cert, err := x509.ParseCertificate(raw)
+ if err != nil { return nil, err }
+ return (*Certificate)(cert), nil
}