Diffstat (limited to 'desire.go')
-rw-r--r--desire.go74
1 files changed, 74 insertions, 0 deletions
diff --git a/desire.go b/desire.go
new file mode 100644
index 0000000..5a2aaf8
--- /dev/null
+++ b/desire.go
@@ -0,0 +1,74 @@
+package acme
+
+import (
+ "crypto/rand"
+ "crypto/rsa"
+ "crypto/x509"
+ "crypto/x509/pkix"
+ "encoding/base64"
+ "os"
+ "path"
+)
+
+type Desire struct {
+ altnames []string
+ key *rsa.PrivateKey
+ cert []*x509.Certificate
+ signer Signer
+}
+
+func NewDesire(altnames []string, size int) (*Desire, error) {
+ key, err := rsa.GenerateKey(rand.Reader, size)
+ if err != nil {
+ return nil, err
+ }
+ return &Desire{
+ key: key,
+ altnames: altnames,
+ }, nil
+}
+
+func (d *Desire) SaveKey(fname string) error {
+ if err := os.MkdirAll(path.Dir(fname), 0700); err != nil {
+ return err
+ }
+ flags := os.O_WRONLY | os.O_CREATE | os.O_TRUNC
+ fd, err := os.OpenFile(fname, flags, 0600)
+ if err != nil {
+ return err
+ }
+ defer fd.Close()
+ return SaveKey(fd, d.key)
+}
+
+func (d *Desire) SaveCert(fname string) error {
+ if err := os.MkdirAll(path.Dir(fname), 0755); err != nil {
+ return err
+ }
+ flags := os.O_WRONLY | os.O_CREATE | os.O_TRUNC
+ fd, err := os.OpenFile(fname, flags, 0644)
+ if err != nil {
+ return err
+ }
+ defer fd.Close()
+ for _, cert := range d.cert {
+ if err := SaveCert(fd, cert); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+func (d *Desire) NewCSR() (string, error) {
+ tmpl := x509.CertificateRequest{
+ Subject: pkix.Name{CommonName: d.altnames[0]},
+ }
+ if len(d.altnames) > 1 {
+ tmpl.DNSNames = d.altnames
+ }
+ der, err := x509.CreateCertificateRequest(rand.Reader, &tmpl, d.key)
+ if err != nil {
+ return "", err
+ }
+ return base64.RawURLEncoding.EncodeToString(der), nil
+}
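Review bot: In SaveKey the 0600 passed to `os.OpenFile` only takes effect when the file is created; if `fname` already exists with a wider mode, O_TRUNC reuses that file and the private key is written where other local users may be able to read it. Tighten the mode before any key bytes are written, e.g. `if err := fd.Chmod(0600); err != nil { return err }` right after the open, or write to a freshly created temp file in the same directory and rename it over `fname`. The same caveat holds for `os.MkdirAll(path.Dir(fname), 0700)`, which leaves an existing directory's permissions untouched. Separately, NewCSR indexes `d.altnames[0]` while NewDesire never checks that altnames is non-empty, so an empty list panics there; returning an error from NewDesire when `len(altnames) == 0` would close that.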