Diffstat (limited to 'sign_request.go')
-rw-r--r--sign_request.go62
1 files changed, 62 insertions, 0 deletions
diff --git a/sign_request.go b/sign_request.go
new file mode 100644
index 0000000..db41f5a
--- /dev/null
+++ b/sign_request.go
@@ -0,0 +1,62 @@
+package main
+
+import (
+ "crypto/rand"
+ "crypto/x509"
+ "crypto/x509/pkix"
+ "encoding/pem"
+ "fmt"
+ "flag"
+ "io"
+ "os"
+)
+
+type (
+ SignFlags struct {
+ PrivateKeyPath string // path to the private key
+ Output string // path where to store the CSR
+ BaseAttributes pkix.Name
+
+ private_key PrivateKey
+ output_stream io.WriteCloser // the output stream for the CSR
+ }
+)
+
+// create a sign request with a private key
+func create_sign_request() {
+ flags := parse_sign_flags()
+ flags.private_key = load_private_key(flags.PrivateKeyPath)
+
+ var err error
+ flags.output_stream, err = open_output_stream(flags.Output)
+ if err != nil {
+ crash_with_help(2, fmt.Sprintf("Error when creating file %s: %s", flags.Output, err))
+ }
+ defer flags.output_stream.Close()
+
+ csr_template := &x509.CertificateRequest{
+ Subject: flags.BaseAttributes,
+ }
+ csr_raw, err := x509.CreateCertificateRequest(rand.Reader, csr_template, flags.private_key)
+ if err != nil {
+ fmt.Fprintln(os.Stderr, "Error when generating CSR: ", err)
+ os.Exit(3)
+ }
+ block := &pem.Block{Type: TypeLabelCSR, Bytes: csr_raw}
+ pem.Encode(flags.output_stream, block)
+}
+
+// parse the flags to create a certificate sign request
+func parse_sign_flags() SignFlags {
+ flags := SignFlags{}
+ fs := flag.NewFlagSet("create-cert-sign", flag.ExitOnError)
+ fs.StringVar(&flags.PrivateKeyPath, "private-key", "", "path to the private key file")
+ fs.StringVar(&flags.Output, "output", "STDOUT", "path where the generated csr should be stored")
+
+ flags.BaseAttributes = pkix.Name{}
+ fs.StringVar(&flags.BaseAttributes.CommonName, "common-name", "", "the name of the resource")
+ fs.StringVar(&flags.BaseAttributes.SerialNumber, "serial", "1", "serial number for the request")
+
+ fs.Parse(os.Args[2:])
+ return flags
+}
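Review bot: The result of `pem.Encode(flags.output_stream, block)` at the end of create_sign_request is discarded, as is the error from the deferred `Close()`, so a failed or short write can leave a truncated CSR behind while the tool still exits 0. Check it, for example `if err := pem.Encode(flags.output_stream, block); err != nil { fmt.Fprintln(os.Stderr, "Error when writing CSR: ", err); os.Exit(3) }`, and close the stream explicitly before any `os.Exit`, which skips deferred calls. Separately, parse_sign_flags leaves `-private-key` and `-common-name` defaulting to empty strings with no validation; load_private_key is not visible here, so whether it rejects an empty path should be confirmed. The `-serial` flag fills the subject's serialNumber attribute rather than a certificate serial number, and its help text should say so.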