diff options
| author | Gibheer <gibheer@gmail.com> | 2014-12-24 11:43:18 +0100 |
|---|---|---|
| committer | Gibheer <gibheer@gmail.com> | 2014-12-24 11:43:18 +0100 |
| commit | 9a173e0019d0ae335666819842dcb9ce4827b285 (patch) | |
| tree | d2d6d0580118db9ce90dd3531b5dd3d05a2963d9 /main.go | |
| parent | 8ce2c7dcf19b4bfa1a1a6ba2df78b4326b8e98cf (diff) | |
split private key generation into own file
Diffstat (limited to 'main.go')
| -rw-r--r-- | main.go | 85 |
1 files changed, 1 insertions, 84 deletions
@@ -7,9 +7,6 @@ import ( "io/ioutil" "os" "path/filepath" - "crypto/elliptic" - "crypto/ecdsa" - "crypto/rsa" "crypto/x509" "crypto/x509/pkix" "crypto/rand" @@ -32,16 +29,6 @@ var ( ) type ( - PrivateKey interface {} - - CreateFlags struct { - CryptType string // rsa or ecdsa - CryptLength int // the bit length - Output string // a path or stream to output the private key to - - output_stream io.WriteCloser // the actual stream to the output - } - SignFlags struct { PrivateKeyPath string // path to the private key Output string // path where to store the CSR @@ -62,80 +49,10 @@ func main() { case "help": print_modules() case "info": info_on_file() case "sign": sign_request() + default: crash_with_help(1, "Command not supported!") } } -// create a new private key -func create_private_key() { - flags := parse_create_flags() - - var err error - flags.output_stream, err = open_output_stream(flags.Output) - if err != nil { - crash_with_help(2, fmt.Sprintf("Error when creating file %s: %s", flags.Output, err)) - } - defer flags.output_stream.Close() - - switch flags.CryptType { - case "rsa": create_private_key_rsa(flags) - case "ecdsa": create_private_key_ecdsa(flags) - default: crash_with_help(2, fmt.Sprintf("%s not supported!", flags.CryptType)) - } -} - -// generate a rsa private key -func create_private_key_rsa(flags CreateFlags) { - if flags.CryptLength < 2048 { - crash_with_help(2, "Length is smaller than 2048!") - } - - priv, err := rsa.GenerateKey( rand.Reader, flags.CryptLength) - if err != nil { - fmt.Fprintln(os.Stderr, "Error: ", err) - os.Exit(3) - } - marshal := x509.MarshalPKCS1PrivateKey(priv) - block := &pem.Block{Type: TypeLabelRSA, Bytes: marshal} - pem.Encode(flags.output_stream, block) -} - -// generate a ecdsa private key -func create_private_key_ecdsa(flags CreateFlags) { - var curve elliptic.Curve - switch flags.CryptLength { - case 224: curve = elliptic.P224() - case 256: curve = elliptic.P256() - case 384: curve = elliptic.P384() - case 521: curve = elliptic.P521() - default: crash_with_help(2, "Unsupported crypt length!") - } - - priv, err := ecdsa.GenerateKey(curve, rand.Reader) - if err != nil { - fmt.Fprintln(os.Stderr, "Error: ", err) - os.Exit(3) - } - marshal, err := x509.MarshalECPrivateKey(priv) - if err != nil { - crash_with_help(2, fmt.Sprintf("Problems marshalling the private key: %s", err)) - } - block := &pem.Block{Type: TypeLabelECDSA, Bytes: marshal} - pem.Encode(flags.output_stream, block) -} - -// parse the flags to create a private key -func parse_create_flags() CreateFlags { - flags := CreateFlags{} - fs := flag.NewFlagSet("create-private", flag.ExitOnError) - fs.StringVar(&flags.CryptType, "type", "ecdsa", "which type to use to encrypt key (rsa, ecdsa)") - fs.IntVar(&flags.CryptLength, "length", 521, fmt.Sprintf( - "%i - %i for rsa; %v for ecdsa", RsaLowerLength, RsaUpperLength, EcdsaLength,)) - fs.StringVar(&flags.Output, "output", "STDOUT", "filename to store the private key") - fs.Parse(os.Args[2:]) - - return flags -} - // create a sign request with a private key func create_sign_request() { flags := parse_sign_flags() |