aboutsummaryrefslogtreecommitdiff
path: root/crypto.go
blob: 30b1346427f266d4eb9e4f7f718c4be989148a04 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
package acme

import (
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"io"
	"io/ioutil"
	"os"
	"path"
)

func LoadKeyFile(fname string) (*rsa.PrivateKey, error) {
	fd, err := os.Open(fname)
	if err != nil {
		return nil, err
	}
	defer fd.Close()
	return LoadKey(fd)
}

func LoadKey(r io.Reader) (*rsa.PrivateKey, error) {
	der, err := ioutil.ReadAll(r)
	if err != nil {
		return nil, err
	}
	block, _ := pem.Decode(der)
	return x509.ParsePKCS1PrivateKey(block.Bytes)
}

func SaveKey(w io.Writer, key *rsa.PrivateKey) error {
	block := &pem.Block{
		Type:  "RSA PRIVATE KEY",
		Bytes: x509.MarshalPKCS1PrivateKey(key),
	}
	return pem.Encode(w, block)
}

func SaveCert(w io.Writer, crt *x509.Certificate) error {
	block := &pem.Block{
		Type:  "CERTIFICATE",
		Bytes: crt.Raw,
	}
	return pem.Encode(w, block)
}

func LoadCertFile(fname string) ([]*x509.Certificate, error) {
	fd, err := os.Open(fname)
	if err != nil {
		return nil, err
	}
	defer fd.Close()
	return LoadCerts(fd)
}

func LoadCerts(r io.Reader) ([]*x509.Certificate, error) {
	der, err := ioutil.ReadAll(r)
	if err != nil {
		return nil, err
	}
	block, _ := pem.Decode(der)
	return x509.ParseCertificates(block.Bytes)
}

func CreatePrivFile(fname string) (io.WriteCloser, error) {
	return createFile(fname, 0700)
}

func CreatePubFile(fname string) (io.WriteCloser, error) {
	return createFile(fname, 0755)
}

func createFile(fname string, mode os.FileMode) (io.WriteCloser, error) {
	if err := os.MkdirAll(path.Dir(fname), mode); err != nil {
		return nil, err
	}
	flags := os.O_WRONLY | os.O_CREATE | os.O_TRUNC
	return os.OpenFile(fname, flags, mode&0644)
}