authorDimitri Sokolyuk <demon@dim13.org>2016-03-06 02:49:32 +0100
committerDimitri Sokolyuk <demon@dim13.org>2016-03-06 02:49:32 +0100
commit545a6a4999f1a42353a8e90b9fada6fbfccea38d (patch)
tree9238cbfdb6a9bdb8c18fbf696cadae9b36c2904c
parentc9ef855f5a3a46c8ec8106cf9b62fd12fc03268b (diff)
Refactor NewCSR
-rw-r--r--certificate.go2
-rw-r--r--crypto.go17
-rw-r--r--desire.go22
3 files changed, 19 insertions, 22 deletions
diff --git a/certificate.go b/certificate.go
index 999e718..5a9c560 100644
--- a/certificate.go
+++ b/certificate.go
@@ -6,7 +6,7 @@ type CSR struct {
}
func (p *Provider) Bundle(s Signer, d *Desire) error {
- csr, err := d.CSR()
+ csr, err := NewCSR(d.cert, d.altnames)
if err != nil {
return err
}
diff --git a/crypto.go b/crypto.go
index eb859c2..220becd 100644
--- a/crypto.go
+++ b/crypto.go
@@ -6,7 +6,10 @@ import (
"crypto/elliptic"
"crypto/rand"
"crypto/rsa"
+ "crypto/tls"
"crypto/x509"
+ "crypto/x509/pkix"
+ "encoding/base64"
"encoding/pem"
"errors"
"io"
@@ -78,3 +81,17 @@ func NewKey(size int) (crypto.PrivateKey, error) {
return rsa.GenerateKey(rand.Reader, size)
}
}
+
+func NewCSR(cert tls.Certificate, altnames []string) (string, error) {
+ tmpl := x509.CertificateRequest{
+ Subject: pkix.Name{CommonName: altnames[0]},
+ }
+ if len(altnames) > 1 {
+ tmpl.DNSNames = altnames
+ }
+ der, err := x509.CreateCertificateRequest(rand.Reader, &tmpl, cert.PrivateKey)
+ if err != nil {
+ return "", err
+ }
+ return base64.RawURLEncoding.EncodeToString(der), nil
+}
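Review bot: `NewCSR` reads `altnames[0]` before any length check, so an empty or nil slice panics instead of returning an error. It is now an exported function that takes the slice from the caller (`Bundle` in certificate.go passes `d.altnames` straight through), so it should guard first with `if len(altnames) == 0 { return "", errors.New("acme: no names for CSR") }`; `errors` is already imported in this file. The `len(altnames) > 1` branch also leaves a single-name request with the name only in the CommonName and no SAN entry. Setting `tmpl.DNSNames = altnames` unconditionally looks safer, since certificate validation generally relies on SAN rather than CN, though that is worth confirming against the CA in use. The exported function also lacks a doc comment, for example `// NewCSR returns a base64url-encoded DER certificate request for altnames, signed with cert's private key.`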
diff --git a/desire.go b/desire.go
index 148523f..3bcf1a1 100644
--- a/desire.go
+++ b/desire.go
@@ -1,12 +1,6 @@
package acme
-import (
- "crypto/rand"
- "crypto/tls"
- "crypto/x509"
- "crypto/x509/pkix"
- "encoding/base64"
-)
+import "crypto/tls"
type Desire struct {
cert tls.Certificate
@@ -34,20 +28,6 @@ func (d *Desire) HasSolver() bool {
return len(d.solver) > 0
}
-func (d *Desire) CSR() (string, error) {
- tmpl := x509.CertificateRequest{
- Subject: pkix.Name{CommonName: d.altnames[0]},
- }
- if len(d.altnames) > 1 {
- tmpl.DNSNames = d.altnames
- }
- der, err := x509.CreateCertificateRequest(rand.Reader, &tmpl, d.cert.PrivateKey)
- if err != nil {
- return "", err
- }
- return base64.RawURLEncoding.EncodeToString(der), nil
-}
-
func (d *Desire) LoadKeyPair(certFile, keyFile string) (err error) {
d.cert, err = tls.LoadX509KeyPair(certFile, keyFile)
return