diff options
Diffstat (limited to 'crypto.go')
-rw-r--r-- | crypto.go | 29 |
1 files changed, 2 insertions, 27 deletions
@@ -7,8 +7,6 @@ import ( "crypto/rand" "crypto/rsa" "crypto/x509" - "crypto/x509/pkix" - "encoding/asn1" "encoding/base64" "encoding/pem" "errors" @@ -28,7 +26,6 @@ const ( var ( ErrKeyType = errors.New("unknown key type") ErrKeySize = errors.New("insufficient key size") - ErrValues = errors.New("domain(s) and email required") ) func SaveCSR(w io.Writer, csr []byte) error { @@ -101,16 +98,6 @@ func LoadCerts(r io.Reader) ([]*x509.Certificate, error) { return x509.ParseCertificates(block.Bytes) } -// GetMail returns emailAddress embedded in certificate -func GetMail(cert *x509.Certificate) string { - for _, n := range cert.Subject.Names { - if n.Type.Equal(oidMailAddress) { - return n.Value.(string) - } - } - return "" -} - // NewKey generates a new private key, supported keysizes are: // EC keys: 224, 256, 384, 521 // RSA keys: 1024, 1536, 2048, 4096, 8192 @@ -135,20 +122,8 @@ func NewKey(size int) (crypto.PrivateKey, error) { } } -var oidMailAddress = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 9, 1} - -func NewCSR(key crypto.PrivateKey, altnames []string, email string) (string, error) { - if len(altnames) < 1 || email == "" { - return "", ErrValues - } - tmpl := x509.CertificateRequest{ - Subject: pkix.Name{ - ExtraNames: []pkix.AttributeTypeAndValue{ - {Type: oidMailAddress, Value: email}, - }, - }, - DNSNames: altnames, - } +func NewCSR(key crypto.PrivateKey, altnames []string) (string, error) { + tmpl := x509.CertificateRequest{DNSNames: altnames} der, err := x509.CreateCertificateRequest(rand.Reader, &tmpl, key) if err != nil { return "", err |