authorDimitri Sokolyuk <demon@dim13.org>2015-12-18 16:48:21 +0100
committerDimitri Sokolyuk <demon@dim13.org>2015-12-18 16:48:21 +0100
commit6d1eef0c011cbe666300ee023ccdbeac80dc43c0 (patch)
tree681bf82a294bf18308d5453d0b65768b6d2cdff5 /cmd
parentbdcc98eaf07bdbc478223c38cf06266b76177776 (diff)
Add key funcs
Diffstat (limited to 'cmd')
-rw-r--r--cmd/acme/main.go40
1 files changed, 5 insertions, 35 deletions
diff --git a/cmd/acme/main.go b/cmd/acme/main.go
index e19d6c6..d197908 100644
--- a/cmd/acme/main.go
+++ b/cmd/acme/main.go
@@ -1,14 +1,8 @@
package main
import (
- "crypto/rand"
"crypto/rsa"
- "crypto/x509"
- "crypto/x509/pkix"
- "encoding/pem"
"flag"
- "io"
- "io/ioutil"
"log"
"os"
"path"
@@ -18,30 +12,6 @@ import (
var confName = flag.String("conf", "acme.toml", "configuration file")
-func newCSR(domain []string, key *rsa.PrivateKey) ([]byte, error) {
- tmpl := x509.CertificateRequest{
- Subject: pkix.Name{
- CommonName: domain[0],
- },
- }
- if len(domain) > 1 {
- tmpl.DNSNames = domain
- }
- return x509.CreateCertificateRequest(rand.Reader, &tmpl, key)
-}
-
-func newKey(w io.Writer, size int) (*rsa.PrivateKey, error) {
- key, err := rsa.GenerateKey(rand.Reader, size)
- if err != nil {
- return nil, err
- }
- block := &pem.Block{
- Type: "RSA PRIVATE KEY",
- Bytes: x509.MarshalPKCS1PrivateKey(key),
- }
- return key, pem.Encode(w, block)
-}
-
func chkKey(k PrivKey) (*rsa.PrivateKey, error) {
key := k.KeyPath()
if _, err := os.Stat(key); os.IsNotExist(err) {
@@ -55,14 +25,14 @@ func chkKey(k PrivKey) (*rsa.PrivateKey, error) {
return nil, err
}
defer fd.Close()
- return newKey(fd, k.Size())
+ return acme.NewKey(fd, k.Size())
} else {
- der, err := ioutil.ReadFile(key)
+ fd, err := os.Open(key)
if err != nil {
return nil, err
}
- block, _ := pem.Decode(der)
- return x509.ParsePKCS1PrivateKey(block.Bytes)
+ defer fd.Close()
+ return acme.LoadKey(fd)
}
}
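Review bot: On the key-creation path the new `return acme.NewKey(fd, k.Size())` writes the private key through `fd`, but the deferred `fd.Close()` drops its error, and a failure inside NewKey would leave an empty or truncated file at the key path. The next run would then find that file with os.Stat and pass it to acme.LoadKey instead of generating a key. Consider checking the Close error and removing the file when generation fails, e.g. `if err != nil { os.Remove(key) }` before returning. The call that creates `fd` lies between the hunks and is not visible; if it is `os.Create`, the key file is created with mode 0666 before umask, and `os.OpenFile(key, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600)` would both restrict the file and close the gap between the Stat check and the create. chkKey begins in the previous hunk.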
@@ -91,7 +61,7 @@ func chkKeys(c *Config) error {
err = chkCert(des)
if err != nil {
log.Println(k, "cert missing")
- _, err = newCSR(des.Altnames, des.account.key)
+ _, err = acme.NewCSR(des.Altnames, des.account.key)
if err != nil {
log.Fatal(err)
}
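Review bot: `des.Altnames` reaches `acme.NewCSR` unchecked on the changed line. The removed local newCSR indexed `domain[0]` and would panic on an empty list, and the body of acme.NewCSR is not visible here, so it is worth confirming that it returns an error for an empty slice, or guarding the call with `if len(des.Altnames) == 0 { return errors.New("no altnames configured") }` (which needs the `errors` import). Since chkKeys returns `error`, `return err` in place of `log.Fatal(err)` would let the caller decide how to fail and let deferred cleanup run. The body of chkKeys extends outside this hunk.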