1
0
mirror of https://git.sr.ht/~adnano/go-gemini synced 2024-11-24 01:12:02 +01:00
go-gemini/examples/cert.go

96 lines
2.1 KiB
Go
Raw Normal View History

2020-10-12 22:34:52 +02:00
// +build ignore
2020-09-27 19:50:48 +02:00
package main
import (
2020-10-13 23:33:14 +02:00
"bytes"
"crypto/tls"
"crypto/x509"
"encoding/pem"
2020-10-28 18:47:52 +01:00
"fmt"
2020-09-27 19:50:48 +02:00
"log"
2020-10-13 22:50:59 +02:00
"os"
2020-09-28 05:49:41 +02:00
"time"
2020-09-27 19:50:48 +02:00
2020-10-28 04:35:22 +01:00
"git.sr.ht/~adnano/go-gemini"
2020-09-27 19:50:48 +02:00
)
func main() {
2020-10-28 18:47:52 +01:00
if len(os.Args) < 3 {
fmt.Printf("usage: %s [hostname] [duration]\n", os.Args[0])
os.Exit(1)
}
host := os.Args[1]
duration, err := time.ParseDuration(os.Args[2])
if err != nil {
log.Fatal(err)
}
options := gemini.CertificateOptions{
DNSNames: []string{host},
Duration: duration,
}
cert, err := gemini.CreateCertificate(options)
2020-09-27 19:50:48 +02:00
if err != nil {
log.Fatal(err)
}
2020-10-13 23:33:14 +02:00
if err := writeCertificate(host, cert); err != nil {
2020-09-27 19:50:48 +02:00
log.Fatal(err)
}
}
2020-10-13 22:50:59 +02:00
2020-10-13 23:33:14 +02:00
// writeCertificate writes the provided certificate and private key
2020-10-13 22:50:59 +02:00
// to path.crt and path.key respectively.
2020-10-13 23:33:14 +02:00
func writeCertificate(path string, cert tls.Certificate) error {
crt, err := marshalX509Certificate(cert.Leaf.Raw)
if err != nil {
return err
}
key, err := marshalPrivateKey(cert.PrivateKey)
if err != nil {
return err
}
2020-10-13 22:50:59 +02:00
// Write the certificate
crtPath := path + ".crt"
crtOut, err := os.OpenFile(crtPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil {
return err
}
if _, err := crtOut.Write(crt); err != nil {
return err
}
// Write the private key
keyPath := path + ".key"
keyOut, err := os.OpenFile(keyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil {
return err
}
if _, err := keyOut.Write(key); err != nil {
return err
}
return nil
}
2020-10-13 23:33:14 +02:00
// marshalX509Certificate returns a PEM-encoded version of the given raw certificate.
func marshalX509Certificate(cert []byte) ([]byte, error) {
var b bytes.Buffer
if err := pem.Encode(&b, &pem.Block{Type: "CERTIFICATE", Bytes: cert}); err != nil {
return nil, err
}
return b.Bytes(), nil
}
// marshalPrivateKey returns PEM encoded versions of the given certificate and private key.
func marshalPrivateKey(priv interface{}) ([]byte, error) {
var b bytes.Buffer
privBytes, err := x509.MarshalPKCS8PrivateKey(priv)
if err != nil {
return nil, err
}
if err := pem.Encode(&b, &pem.Block{Type: "PRIVATE KEY", Bytes: privBytes}); err != nil {
return nil, err
}
return b.Bytes(), nil
}