
Side by Side Diff: src/pkg/crypto/tls/generate_cert.go

Issue 1697048: code review 1697048: http, crypto/tls: followup fixes from 1684051. (Closed)
Patch Set: code review 1697048: http, crypto/tls: followup fixes from 1684051. Created 13 years, 8 months ago
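--- a/src/pkg/crypto/tls/generate_cert.go
+++ b/src/pkg/crypto/tls/generate_cert.go
@@ -1,79 +1,75 @@
 // Copyright 2009 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
 // Generate a self-signed X.509 certificate for a TLS server. Outputs to
 // 'cert.pem' and 'key.pem' and will overwrite existing files.
 
 package main
 
 import (
 "crypto/rsa"
 "crypto/x509"
 "encoding/pem"
-	"fmt"
+	"flag"
 "log"
 "os"
 "time"
 )
 
+var hostName *string = flag.String("host", "127.0.0.1", "Hostname to generate a certificate for")
+
 func main() {
-	if len(os.Args) != 2 {
-		fmt.Printf("Usage: %s <hostname of server>\n", os.Args[0])
+	flag.Parse()
+
+	urandom, err := os.Open("/dev/urandom", os.O_RDONLY, 0)
+	if err != nil {
+		log.Exitf("failed to open /dev/urandom: %s", err)
 return
 }
 
-	hostName := os.Args[1]
-
-	urandom, err := os.Open("/dev/urandom", os.O_RDONLY, 0)
+	priv, err := rsa.GenerateKey(urandom, 1024)
 if err != nil {
-		log.Crashf("failed to open /dev/urandom: %s\n", err)
+		log.Exitf("failed to generate private key: %s", err)
 return
 }
 
-log.Stdoutf("Generating RSA key\n")
-priv, err := rsa.GenerateKey(urandom, 1024)
-if err != nil {
-log.Crashf("failed to generate private key: %s\n", err)
-return
-}
-
 now := time.Seconds()
 
 template := x509.Certificate{
 SerialNumber: []byte{0},
 Subject: x509.Name{
-			CommonName: hostName,
+			CommonName: *hostName,
 Organization: "Acme Co",
 },
 NotBefore: time.SecondsToUTC(now - 300),
-		NotAfter: time.SecondsToUTC(now + 86400*365), // valid for 1 ye ar.
+		NotAfter: time.SecondsToUTC(now + 60*60*24*365), // valid for 1 year.
 
 SubjectKeyId: []byte{1, 2, 3, 4},
 KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigita lSignature,
 }
 
 derBytes, err := x509.CreateCertificate(urandom, &template, &template, & priv.PublicKey, priv)
 if err != nil {
-		log.Crashf("Failed to create certificate: %s", err)
+		log.Exitf("Failed to create certificate: %s", err)
 return
 }
 
 certOut, err := os.Open("cert.pem", os.O_WRONLY|os.O_CREAT, 0644)
 if err != nil {
-		log.Crashf("failed to open cert.pem for writing: %s\n", err)
+		log.Exitf("failed to open cert.pem for writing: %s", err)
 return
 }
 pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
 certOut.Close()
 log.Stdoutf("written cert.pem\n")
 
 keyOut, err := os.Open("key.pem", os.O_WRONLY|os.O_CREAT, 0600)
 if err != nil {
-		log.Crashf("failed to open key.pem for writing: %s\n", err)
+		log.Exitf("failed to open key.pem for writing: %s", err)
 return
 }
 pem.Encode(keyOut, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.Marsh alPKCS1PrivateKey(priv)})
 keyOut.Close()
 log.Stdoutf("written key.pem\n")
 }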
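Review bot: The key.pem open near the end of main passes `os.O_WRONLY|os.O_CREAT` without `os.O_TRUNC`, so when a longer key.pem already exists the new PEM block overwrites only its start and the old tail stays in the file; the cert.pem open has the same gap, and the file comment promises that existing files are overwritten. The 0600 mode is applied only when the file is created, so on Unix-like systems an existing key.pem with wider permissions keeps them and the new private key is written into a file others may be able to read. I would change the call to `keyOut, err := os.Open("key.pem", os.O_WRONLY|os.O_CREAT|os.O_TRUNC, 0600)` and either remove the old file first or set its mode explicitly before writing. No result of `pem.Encode` or `keyOut.Close()` is checked in the visible lines, so "written key.pem" is logged even if the write failed.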