add certificate functionality
This commit is contained in:
parent
e0ec6b1bef
commit
d4d2d4c09b
|
@ -23,6 +23,10 @@ type (
|
||||||
CertificateRequest x509.CertificateRequest
|
CertificateRequest x509.CertificateRequest
|
||||||
)
|
)
|
||||||
|
|
||||||
|
func NewCertificateData() *CertificateData {
|
||||||
|
return &CertificateData{Subject: pkix.Name{}}
|
||||||
|
}
|
||||||
|
|
||||||
// Create a certificate sign request from the input data and the private key of
|
// Create a certificate sign request from the input data and the private key of
|
||||||
// the request creator.
|
// the request creator.
|
||||||
func (c *CertificateData) ToCertificateRequest(private_key PrivateKey) (*CertificateRequest, error) {
|
func (c *CertificateData) ToCertificateRequest(private_key PrivateKey) (*CertificateRequest, error) {
|
||||||
|
@ -40,16 +44,42 @@ func (c *CertificateData) ToCertificateRequest(private_key PrivateKey) (*Certifi
|
||||||
|
|
||||||
// Load a certificate sign request from its asn1 representation.
|
// Load a certificate sign request from its asn1 representation.
|
||||||
func LoadCertificateSignRequest(raw []byte) (*CertificateRequest, error) {
|
func LoadCertificateSignRequest(raw []byte) (*CertificateRequest, error) {
|
||||||
csr, err = x509.ParseCertificateRequest(csr_asn1)
|
csr, err := x509.ParseCertificateRequest(raw)
|
||||||
if err != nil { return nil, err }
|
if err != nil { return nil, err }
|
||||||
return (*CertificateRequest)(csr), nil
|
return (*CertificateRequest)(csr), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Return the certificate sign request as a pem block.
|
// Return the certificate sign request as a pem block.
|
||||||
func (c *CertificateRequest) MarshalPem() (marshalledPemBlock, error) {
|
func (c *CertificateRequest) MarshalPem() (marshalledPemBlock, error) {
|
||||||
block := pem.Block{Type: PemLabelCertificateRequest, Bytes: c.Raw}
|
block := &pem.Block{Type: PemLabelCertificateRequest, Bytes: c.Raw}
|
||||||
return pem.EncodeToMemory(block), nil
|
return pem.EncodeToMemory(block), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *CertificateRequest) ToCertificate() {
|
// Convert the certificate sign request to a certificate using the private key
|
||||||
|
// of the signer and the certificate of the signer.
|
||||||
|
// If the certificate is null, the sign request will be used to sign itself.
|
||||||
|
// For more information, please read http://golang.org/pkg/crypto/x509/#CreateCertificate
|
||||||
|
func (c *CertificateRequest) ToCertificate(private_key PrivateKey, ca *Certificate) (*Certificate, error) {
|
||||||
|
template := &x509.Certificate{}
|
||||||
|
template.Subject = c.Subject
|
||||||
|
template.DNSNames = c.DNSNames
|
||||||
|
template.IPAddresses = c.IPAddresses
|
||||||
|
template.EmailAddresses = c.EmailAddresses
|
||||||
|
|
||||||
|
var cert_asn1 []byte
|
||||||
|
var err error
|
||||||
|
if ca == nil {
|
||||||
|
cert_asn1, err = x509.CreateCertificate(rand.Reader, template, template, c.PublicKey, private_key)
|
||||||
|
} else {
|
||||||
|
cert_asn1, err = x509.CreateCertificate(rand.Reader, template, (*x509.Certificate)(ca), c.PublicKey, private_key)
|
||||||
|
}
|
||||||
|
if err != nil { return nil, err }
|
||||||
|
return LoadCertificate(cert_asn1)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Load a certificate from its asn1 representation.
|
||||||
|
func LoadCertificate(raw []byte) (*Certificate, error) {
|
||||||
|
cert, err := x509.ParseCertificate(raw)
|
||||||
|
if err != nil { return nil, err }
|
||||||
|
return (*Certificate)(cert), nil
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue