refine certificate sign request workings

2015-03-15 20:45:35 +01:00 · 2015-03-15 20:45:35 +01:00 · e0ec6b1bef
parent 09a8380b7a
commit e0ec6b1bef
1 changed files with 41 additions and 31 deletions
--- a/certificate.go
+++ b/certificate.go
@ -1,45 +1,55 @@
 package pki
 import (
-//  "crypto/x509/pkix"
+  "crypto/rand"
-  "errors"
+  "crypto/x509"
  "crypto/x509/pkix"
  "encoding/pem"
  "net"
 )
-var (
+const PemLabelCertificateRequest = "CERTIFICATE REQUEST"
  ErrTypeMisMatch = errors.New("types mismatched")
 )
 type (
  CertificateData struct {
-    // required fields
+    Subject  pkix.Name
    SerialNumber   string
    CommonName     string
-    // alternative data
+    DnsNames       []string
    DNSNames       []string
    EmailAddresses []string
-    IPAddresses    []net.IP
+    IpAddresses    []net.IP
    // address data
    Country        []string
    Province       []string
    Locality       []string
    PostalCode     []string
    StreetAddress  []string
    Organization   []string
    OrganizationalUnit []string
  }
  Certificate x509.Certificate
  CertificateRequest x509.CertificateRequest
 )
-// create a certificate sign request with the certificate data
+// Create a certificate sign request from the input data and the private key of
-//func (c *CertificateData) CreateCertificateRequest(priv PrivateKey) (*Certificate, error) {
+// the request creator.
-//  csr := x509.CertificateRequest{}
+func (c *CertificateData) ToCertificateRequest(private_key PrivateKey) (*CertificateRequest, error) {
-//  csr.Subject := c.createSubject()
+  csr := &x509.CertificateRequest{}
-//}
+
-//
+  csr.Subject        = c.Subject
-//// create a pkix.Name for the subject of a cert or csr
+  csr.DNSNames       = c.DnsNames
-//func (c *CertificateData) createSubject() (pkix.Name) {
+  csr.IPAddresses    = c.IpAddresses
-//  name := pkix.Name{}
+  csr.EmailAddresses = c.EmailAddresses
-//  errors := make([]error, 0)
+
-//}
+  csr_asn1, err := x509.CreateCertificateRequest(rand.Reader, csr, private_key.PrivateKey())
  if err != nil { return nil, err }
  return LoadCertificateSignRequest(csr_asn1)
 }
 // Load a certificate sign request from its asn1 representation.
 func LoadCertificateSignRequest(raw []byte) (*CertificateRequest, error) {
  csr, err = x509.ParseCertificateRequest(csr_asn1)
  if err != nil { return nil, err }
  return (*CertificateRequest)(csr), nil
 }
 // Return the certificate sign request as a pem block.
 func (c *CertificateRequest) MarshalPem() (marshalledPemBlock, error) {
  block := pem.Block{Type: PemLabelCertificateRequest, Bytes: c.Raw}
  return pem.EncodeToMemory(block), nil
 }
 func (c *CertificateRequest) ToCertificate() {
 }