refine certificate sign request workings
parent
09a8380b7a
commit
e0ec6b1bef
|
@ -1,45 +1,55 @@
|
|||
package pki
|
||||
|
||||
import (
|
||||
// "crypto/x509/pkix"
|
||||
"errors"
|
||||
"crypto/rand"
|
||||
"crypto/x509"
|
||||
"crypto/x509/pkix"
|
||||
"encoding/pem"
|
||||
"net"
|
||||
)
|
||||
|
||||
var (
|
||||
ErrTypeMisMatch = errors.New("types mismatched")
|
||||
)
|
||||
const PemLabelCertificateRequest = "CERTIFICATE REQUEST"
|
||||
|
||||
type (
|
||||
CertificateData struct {
|
||||
// required fields
|
||||
SerialNumber string
|
||||
CommonName string
|
||||
Subject pkix.Name
|
||||
|
||||
// alternative data
|
||||
DNSNames []string
|
||||
DnsNames []string
|
||||
EmailAddresses []string
|
||||
IPAddresses []net.IP
|
||||
|
||||
// address data
|
||||
Country []string
|
||||
Province []string
|
||||
Locality []string
|
||||
PostalCode []string
|
||||
StreetAddress []string
|
||||
Organization []string
|
||||
OrganizationalUnit []string
|
||||
IpAddresses []net.IP
|
||||
}
|
||||
|
||||
Certificate x509.Certificate
|
||||
CertificateRequest x509.CertificateRequest
|
||||
)
|
||||
|
||||
// create a certificate sign request with the certificate data
|
||||
//func (c *CertificateData) CreateCertificateRequest(priv PrivateKey) (*Certificate, error) {
|
||||
// csr := x509.CertificateRequest{}
|
||||
// csr.Subject := c.createSubject()
|
||||
//}
|
||||
//
|
||||
//// create a pkix.Name for the subject of a cert or csr
|
||||
//func (c *CertificateData) createSubject() (pkix.Name) {
|
||||
// name := pkix.Name{}
|
||||
// errors := make([]error, 0)
|
||||
//}
|
||||
// Create a certificate sign request from the input data and the private key of
|
||||
// the request creator.
|
||||
func (c *CertificateData) ToCertificateRequest(private_key PrivateKey) (*CertificateRequest, error) {
|
||||
csr := &x509.CertificateRequest{}
|
||||
|
||||
csr.Subject = c.Subject
|
||||
csr.DNSNames = c.DnsNames
|
||||
csr.IPAddresses = c.IpAddresses
|
||||
csr.EmailAddresses = c.EmailAddresses
|
||||
|
||||
csr_asn1, err := x509.CreateCertificateRequest(rand.Reader, csr, private_key.PrivateKey())
|
||||
if err != nil { return nil, err }
|
||||
return LoadCertificateSignRequest(csr_asn1)
|
||||
}
|
||||
|
||||
// Load a certificate sign request from its asn1 representation.
|
||||
func LoadCertificateSignRequest(raw []byte) (*CertificateRequest, error) {
|
||||
csr, err = x509.ParseCertificateRequest(csr_asn1)
|
||||
if err != nil { return nil, err }
|
||||
return (*CertificateRequest)(csr), nil
|
||||
}
|
||||
|
||||
// Return the certificate sign request as a pem block.
|
||||
func (c *CertificateRequest) MarshalPem() (marshalledPemBlock, error) {
|
||||
block := pem.Block{Type: PemLabelCertificateRequest, Bytes: c.Raw}
|
||||
return pem.EncodeToMemory(block), nil
|
||||
}
|
||||
|
||||
func (c *CertificateRequest) ToCertificate() {
|
||||
}
|
||||
|
|
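Review bot: LoadCertificateSignRequest parses `csr_asn1`, a name that exists only in ToCertificateRequest, and assigns to the undeclared `csr, err` with `=`, so as shown it should not compile; the call should use the `raw` parameter: `csr, err := x509.ParseCertificateRequest(raw)`. Because this is the loader for requests that arrive as bytes, note that ParseCertificateRequest does not verify the request's self-signature; I would add `if err := csr.CheckSignature(); err != nil { return nil, err }` before the conversion, otherwise the still-empty ToCertificate could later issue for a request whose sender never proved possession of the key. In MarshalPem, `pem.EncodeToMemory` takes a `*pem.Block`, so `block` should be passed as `&block`. The subject and SAN fields of a loaded request are supplied by the requester and will need a policy check in ToCertificate before they are copied into a certificate.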