authorDimitri Sokolyuk <demon@dim13.org>2016-03-06 02:26:20 +0100
committerDimitri Sokolyuk <demon@dim13.org>2016-03-06 02:26:20 +0100
commitcf49d970245fdd871a85c9393a54bdefcbdfc39a (patch)
treec793c47b5837c21e1d8c13e7604651f471de6cb7 /crypto.go
parent15d5478b1ebbeab7e34ead678d4d963ed736be9a (diff)
Move file handling out of the lib
Diffstat (limited to 'crypto.go')
-rw-r--r--crypto.go62
1 files changed, 22 insertions, 40 deletions
diff --git a/crypto.go b/crypto.go
index 5ed81c0..eb859c2 100644
--- a/crypto.go
+++ b/crypto.go
@@ -3,14 +3,14 @@ package acme
import (
"crypto"
"crypto/ecdsa"
+ "crypto/elliptic"
+ "crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/pem"
"errors"
"io"
"io/ioutil"
- "os"
- "syscall"
)
const (
@@ -21,13 +21,20 @@ const (
var errKeyType = errors.New("unknown key type")
-func LoadKeyFile(fname string) (crypto.PrivateKey, error) {
- fd, err := os.Open(fname)
- if err != nil {
- return nil, err
+func SaveKey(w io.Writer, key crypto.PrivateKey) error {
+ var block *pem.Block
+ switch k := key.(type) {
+ case *rsa.PrivateKey:
+ der := x509.MarshalPKCS1PrivateKey(k)
+ block = &pem.Block{Type: pemRSA, Bytes: der}
+ case *ecdsa.PrivateKey:
+ der, err := x509.MarshalECPrivateKey(k)
+ if err != nil {
+ return err
+ }
+ block = &pem.Block{Type: pemEC, Bytes: der}
}
- defer fd.Close()
- return LoadKey(fd)
+ return pem.Encode(w, block)
}
func LoadKey(r io.Reader) (crypto.PrivateKey, error) {
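Review bot: SaveKey's type switch has no `default` case, so a key that is neither `*rsa.PrivateKey` nor `*ecdsa.PrivateKey` leaves `block` nil and `pem.Encode(w, block)` dereferences it and panics. The file already declares `errKeyType`, so adding `default:` followed by `return errKeyType` inside the switch turns that into an ordinary error. Since this commit moves file creation to the caller, the exported function would also benefit from a doc comment such as `// SaveKey writes key to w PEM-encoded and unencrypted; the caller must restrict access to the destination.`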
@@ -46,23 +53,7 @@ func LoadKey(r io.Reader) (crypto.PrivateKey, error) {
}
}
-func SaveKey(w io.Writer, key crypto.PrivateKey) error {
- var block *pem.Block
- switch k := key.(type) {
- case *rsa.PrivateKey:
- der := x509.MarshalPKCS1PrivateKey(k)
- block = &pem.Block{Type: pemRSA, Bytes: der}
- case *ecdsa.PrivateKey:
- der, err := x509.MarshalECPrivateKey(k)
- if err != nil {
- return err
- }
- block = &pem.Block{Type: pemEC, Bytes: der}
- }
- return pem.Encode(w, block)
-}
-
-func saveCert(w io.Writer, cert []byte) error {
+func SaveCert(w io.Writer, cert []byte) error {
block := &pem.Block{
Type: pemCRT,
Bytes: cert,
@@ -70,15 +61,6 @@ func saveCert(w io.Writer, cert []byte) error {
return pem.Encode(w, block)
}
-func LoadCertFile(fname string) ([]*x509.Certificate, error) {
- fd, err := os.Open(fname)
- if err != nil {
- return nil, err
- }
- defer fd.Close()
- return LoadCerts(fd)
-}
-
func LoadCerts(r io.Reader) ([]*x509.Certificate, error) {
der, err := ioutil.ReadAll(r)
if err != nil {
@@ -88,11 +70,11 @@ func LoadCerts(r io.Reader) ([]*x509.Certificate, error) {
return x509.ParseCertificates(block.Bytes)
}
-func CreateFile(fname string, mode os.FileMode) (io.WriteCloser, error) {
- err := os.Rename(fname, fname+".bak")
- if nerr, ok := err.(*os.LinkError); ok && nerr.Err != syscall.ENOENT {
- return nil, nerr
+func NewKey(size int) (crypto.PrivateKey, error) {
+ switch size {
+ case 0:
+ return ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
+ default:
+ return rsa.GenerateKey(rand.Reader, size)
}
- flags := os.O_WRONLY | os.O_CREATE | os.O_TRUNC
- return os.OpenFile(fname, flags, mode)
}
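Review bot: The `default` branch of NewKey passes any non-zero `size` straight to `rsa.GenerateKey`, so a caller can request a modulus too small to be safe, or a negative value, and nothing in this function rejects it. A guard ahead of the switch, e.g. `if size != 0 && size < 2048 { return nil, errors.New("rsa key size too small") }`, would refuse that early; `errors` is already imported and 2048 bits is the usual floor for RSA. The exported function also lacks a doc comment stating the convention, for example `// NewKey returns an ECDSA P-384 key when size is 0, otherwise an RSA key of size bits.`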