
mkcerts: Clean up and rename to be nicer

tags/v0.1.0
Daniel Oaks 7 years ago
parent
commit
d65f86e120
3 changed files with 37 additions and 16 deletions
  1. 1
    1
      README.md
  2. 32
    11
      mkcerts/certs.go
  3. 4
    4
      oragono.go

+ 1
- 1
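--- a/README.md
+++ b/README.md
@@ -39,7 +39,7 @@ go install
 cp oragono.yaml ircd.yaml
 vim ircd.yaml  # modify the config file to your liking
 oragono initdb
-oragono createcerts
+oragono mkcerts
 ```
 
 ## Configuration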

+ 32
- 11
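--- a/mkcerts/certs.go
+++ b/mkcerts/certs.go
@@ -17,8 +17,8 @@ import (
 	"time"
 )
 
-// CreateCert creates a testing ECDSA certificate, outputting the cert and key at the given filenames.
-func CreateCert(orgName string, host string, certFilename string, keyFilename string) error {
+// CreateCertBytes creates a testing ECDSA certificate, returning the cert and key bytes.
+func CreateCertBytes(orgName string, host string) (certBytes []byte, keyBytes []byte, err error) {
 	validFrom := time.Now()
 	validFor := 365 * 24 * time.Hour
 	notAfter := validFrom.Add(validFor)
@@ -28,7 +28,7 @@ func CreateCert(orgName string, host string, certFilename string, keyFilename st
 	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
 	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
 	if err != nil {
-		return fmt.Errorf("failed to generate serial number: %s", err)
+		return nil, nil, fmt.Errorf("failed to generate serial number: %s", err)
 	}
 
 	template := x509.Certificate{
@@ -54,26 +54,47 @@ func CreateCert(orgName string, host string, certFilename string, keyFilename st
 
 	derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv)
 	if err != nil {
-		return fmt.Errorf("Failed to create certificate: %s", err.Error())
+		return nil, nil, fmt.Errorf("Failed to create certificate: %s", err.Error())
+	}
+
+	certBytes = pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
+
+	b, err := x509.MarshalECPrivateKey(priv)
+	if err != nil {
+		return nil, nil, fmt.Errorf("Unable to marshal ECDSA private key: %v", err.Error())
+	}
+	pemBlock := pem.Block{Type: "EC PRIVATE KEY", Bytes: b}
+	keyBytes = pem.EncodeToMemory(&pemBlock)
+	return certBytes, keyBytes, nil
+}
+
+// CreateCert creates a testing ECDSA certificate, outputting the cert and key at the given filenames.
+func CreateCert(orgName string, host string, certFilename string, keyFilename string) error {
+	certBytes, keyBytes, err := CreateCertBytes(orgName, host)
+
+	if err != nil {
+		return err
 	}
 
 	certOut, err := os.Create(certFilename)
 	if err != nil {
 		return fmt.Errorf("failed to open %s for writing: %s", certFilename, err.Error())
 	}
-	pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
-	certOut.Close()
+	defer certOut.Close()
+	_, err = certOut.Write(certBytes)
+	if err != nil {
+		return fmt.Errorf("failed to write out cert file %s: %s", certFilename, err.Error())
+	}
 
 	keyOut, err := os.OpenFile(keyFilename, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
 	if err != nil {
 		return fmt.Errorf("failed to open %s for writing: %s", keyFilename, err.Error())
 	}
-	b, err := x509.MarshalECPrivateKey(priv)
+	defer keyOut.Close()
+	_, err = keyOut.Write(keyBytes)
 	if err != nil {
-		return fmt.Errorf("Unable to marshal ECDSA private key: %v", err.Error())
+		return fmt.Errorf("failed to write out key file %s: %s", keyFilename, err.Error())
 	}
-	pemBlock := pem.Block{Type: "EC PRIVATE KEY", Bytes: b}
-	pem.Encode(keyOut, &pemBlock)
-	keyOut.Close()
+
 	return nil
 }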
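Review bot: In the new `CreateCert`, `defer certOut.Close()` and `defer keyOut.Close()` discard the Close error, so a write that only fails when the file is flushed at close (possible on network or quota-limited filesystems) still returns nil while leaving a truncated certificate or private key on disk. Replace each defer with an explicit close after the Write and return its error, e.g. `if err := keyOut.Close(); err != nil { return fmt.Errorf("failed to close key file %s: %s", keyFilename, err.Error()) }`. Separately, on the unchanged `os.OpenFile(keyFilename, ..., 0600)` line the mode is applied only when the file is created, so a key file that already exists with wider permissions keeps them after being truncated and rewritten; calling `keyOut.Chmod(0600)` before the Write would close that gap.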

+ 4
- 4
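--- a/oragono.go
+++ b/oragono.go
@@ -23,7 +23,7 @@ Usage:
 	oragono initdb [--conf <filename>]
 	oragono upgradedb [--conf <filename>]
 	oragono genpasswd [--conf <filename>]
-	oragono createcerts [--conf <filename>]
+	oragono mkcerts [--conf <filename>]
 	oragono run [--conf <filename>]
 	oragono -h | --help
 	oragono --version
@@ -59,11 +59,11 @@ Options:
 	} else if arguments["upgradedb"].(bool) {
 		irc.UpgradeDB(config.Server.Database)
 		log.Println("database upgraded: ", config.Server.Database)
-	} else if arguments["createcerts"].(bool) {
-		log.Println("creating self-signed certificates")
+	} else if arguments["mkcerts"].(bool) {
+		log.Println("making self-signed certificates")
 
 		for name, conf := range config.Server.TLSListeners {
-			log.Printf(" creating cert for %s listener\n", name)
+			log.Printf(" making cert for %s listener\n", name)
 			host := config.Server.Name
 			err := mkcerts.CreateCert("Oragono", host, conf.Cert, conf.Key)
 			if err == nil {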
