Diffstat (limited to 'crypto.go')
-rw-r--r--crypto.go29
1 files changed, 2 insertions, 27 deletions
diff --git a/crypto.go b/crypto.go
index d0ea41e..9fed806 100644
--- a/crypto.go
+++ b/crypto.go
@@ -7,8 +7,6 @@ import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
- "crypto/x509/pkix"
- "encoding/asn1"
"encoding/base64"
"encoding/pem"
"errors"
@@ -28,7 +26,6 @@ const (
var (
ErrKeyType = errors.New("unknown key type")
ErrKeySize = errors.New("insufficient key size")
- ErrValues = errors.New("domain(s) and email required")
)
func SaveCSR(w io.Writer, csr []byte) error {
@@ -101,16 +98,6 @@ func LoadCerts(r io.Reader) ([]*x509.Certificate, error) {
return x509.ParseCertificates(block.Bytes)
}
-// GetMail returns emailAddress embedded in certificate
-func GetMail(cert *x509.Certificate) string {
- for _, n := range cert.Subject.Names {
- if n.Type.Equal(oidMailAddress) {
- return n.Value.(string)
- }
- }
- return ""
-}
-
// NewKey generates a new private key, supported keysizes are:
// EC keys: 224, 256, 384, 521
// RSA keys: 1024, 1536, 2048, 4096, 8192
@@ -135,20 +122,8 @@ func NewKey(size int) (crypto.PrivateKey, error) {
}
}
-var oidMailAddress = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 9, 1}
-
-func NewCSR(key crypto.PrivateKey, altnames []string, email string) (string, error) {
- if len(altnames) < 1 || email == "" {
- return "", ErrValues
- }
- tmpl := x509.CertificateRequest{
- Subject: pkix.Name{
- ExtraNames: []pkix.AttributeTypeAndValue{
- {Type: oidMailAddress, Value: email},
- },
- },
- DNSNames: altnames,
- }
+func NewCSR(key crypto.PrivateKey, altnames []string) (string, error) {
+ tmpl := x509.CertificateRequest{DNSNames: altnames}
der, err := x509.CreateCertificateRequest(rand.Reader, &tmpl, key)
if err != nil {
return "", err
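Review bot: The new `NewCSR` drops the `len(altnames) < 1` guard along with the email requirement, so a nil or empty `altnames` now reaches `x509.CreateCertificateRequest` with a template that has neither a subject nor any DNS names. The call will most likely still succeed and hand back a request that names nothing, so the mistake would presumably only surface when the CA rejects it. Keeping the domain half of the old check preserves the early failure: `if len(altnames) == 0 { return "", ErrValues }`, with `ErrValues` kept in the var block under a message such as `"domain(s) required"` instead of being removed. The exported function also has no doc comment; `// NewCSR creates a certificate request for altnames (DNS SANs only, empty subject) signed with key.` would record that no subject is set any more. The body of `NewCSR` continues past the end of this hunk.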