
Side by Side Diff: libgo/go/crypto/tls/generate_cert.go

Issue 4035044: code review 4035044: Update to current version of Go library. (Closed)
Patch Set: Created 14 years, 2 months ago
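--- a/libgo/go/crypto/tls/generate_cert.go
+++ b/libgo/go/crypto/tls/generate_cert.go
@@ -1,75 +1,70 @@
 // Copyright 2009 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
 // Generate a self-signed X.509 certificate for a TLS server. Outputs to
 // 'cert.pem' and 'key.pem' and will overwrite existing files.
 
 package main
 
 import (
 "crypto/rsa"
+"crypto/rand"
 "crypto/x509"
 "encoding/pem"
 "flag"
 "log"
 "os"
 "time"
 )
 
 var hostName *string = flag.String("host", "127.0.0.1", "Hostname to generate a certificate for")
 
 func main() {
 flag.Parse()
 
-» urandom, err := os.Open("/dev/urandom", os.O_RDONLY, 0)
-» if err != nil {
-» » log.Exitf("failed to open /dev/urandom: %s", err)
-» » return
-» }
-
-» priv, err := rsa.GenerateKey(urandom, 1024)
+» priv, err := rsa.GenerateKey(rand.Reader, 1024)
 if err != nil {
 log.Exitf("failed to generate private key: %s", err)
 return
 }
 
 now := time.Seconds()
 
 template := x509.Certificate{
 SerialNumber: []byte{0},
 Subject: x509.Name{
 CommonName: *hostName,
-» » » Organization: "Acme Co",
+» » » Organization: []string{"Acme Co"},
 },
 NotBefore: time.SecondsToUTC(now - 300),
 NotAfter: time.SecondsToUTC(now + 60*60*24*365), // valid for 1 year.
 
 SubjectKeyId: []byte{1, 2, 3, 4},
 KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigita lSignature,
 }
 
-» derBytes, err := x509.CreateCertificate(urandom, &template, &template, & priv.PublicKey, priv)
+» derBytes, err := x509.CreateCertificate(rand.Reader, &template, &templat e, &priv.PublicKey, priv)
 if err != nil {
 log.Exitf("Failed to create certificate: %s", err)
 return
 }
 
 certOut, err := os.Open("cert.pem", os.O_WRONLY|os.O_CREAT, 0644)
 if err != nil {
 log.Exitf("failed to open cert.pem for writing: %s", err)
 return
 }
 pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
 certOut.Close()
 log.Print("written cert.pem\n")
 
 keyOut, err := os.Open("key.pem", os.O_WRONLY|os.O_CREAT, 0600)
 if err != nil {
 log.Print("failed to open key.pem for writing:", err)
 return
 }
 pem.Encode(keyOut, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.Marsh alPKCS1PrivateKey(priv)})
 keyOut.Close()
 log.Print("written key.pem\n")
 }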
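Review bot: The key size on new line 26 is still 1024 bits, which the move from /dev/urandom to `rand.Reader` does nothing to strengthen; 1024-bit RSA is too weak for a TLS server key, so I would change the call to `priv, err := rsa.GenerateKey(rand.Reader, 2048)`. Separately, in the unchanged tail of main, key.pem is opened with `os.O_WRONLY|os.O_CREAT` only. The 0600 mode is applied only when the file is created, so an existing key.pem keeps whatever permissions it already had, and without `os.O_TRUNC` a longer old file leaves stale bytes after the new PEM block. The results of `pem.Encode` and `Close` on that file are also unchecked, so a short write of the private key would go unreported.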