1
0
mirror of https://github.com/golang/go synced 2024-11-25 01:47:56 -07:00

crypto/tls: add certout, keyout options

This commit is contained in:
wafuwafu13 2023-01-16 21:52:36 +09:00
parent 1c65b69bd1
commit 6a71b5afb3

View File

@ -5,7 +5,7 @@
//go:build ignore //go:build ignore
// Generate a self-signed X.509 certificate for a TLS server. Outputs to // Generate a self-signed X.509 certificate for a TLS server. Outputs to
// 'cert.pem' and 'key.pem' and will overwrite existing files. // 'cert.pem' and 'key.pem' in default and will overwrite existing files.
package main package main
@ -35,6 +35,8 @@ var (
rsaBits = flag.Int("rsa-bits", 2048, "Size of RSA key to generate. Ignored if --ecdsa-curve is set") rsaBits = flag.Int("rsa-bits", 2048, "Size of RSA key to generate. Ignored if --ecdsa-curve is set")
ecdsaCurve = flag.String("ecdsa-curve", "", "ECDSA curve to use to generate a key. Valid values are P224, P256 (recommended), P384, P521") ecdsaCurve = flag.String("ecdsa-curve", "", "ECDSA curve to use to generate a key. Valid values are P224, P256 (recommended), P384, P521")
ed25519Key = flag.Bool("ed25519", false, "Generate an Ed25519 key") ed25519Key = flag.Bool("ed25519", false, "Generate an Ed25519 key")
certName = flag.String("certout", "cert.pem", "File name of generated cert")
keyName = flag.String("keyout", "key.pem", "File name of generated key")
) )
func publicKey(priv any) any { func publicKey(priv any) any {
@ -141,31 +143,31 @@ func main() {
log.Fatalf("Failed to create certificate: %v", err) log.Fatalf("Failed to create certificate: %v", err)
} }
certOut, err := os.Create("cert.pem") certOut, err := os.Create(*certName)
if err != nil { if err != nil {
log.Fatalf("Failed to open cert.pem for writing: %v", err) log.Fatalf("Failed to open %s for writing: %v", *certName, err)
} }
if err := pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes}); err != nil { if err := pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes}); err != nil {
log.Fatalf("Failed to write data to cert.pem: %v", err) log.Fatalf("Failed to write data to %s: %v", *certName, err)
} }
if err := certOut.Close(); err != nil { if err := certOut.Close(); err != nil {
log.Fatalf("Error closing cert.pem: %v", err) log.Fatalf("Error closing %s: %v", *certName, err)
} }
log.Print("wrote cert.pem\n") log.Printf("wrote %s\n", *certName)
keyOut, err := os.OpenFile("key.pem", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600) keyOut, err := os.OpenFile(*keyName, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil { if err != nil {
log.Fatalf("Failed to open key.pem for writing: %v", err) log.Fatalf("Failed to open %s for writing: %v", *keyName, err)
} }
privBytes, err := x509.MarshalPKCS8PrivateKey(priv) privBytes, err := x509.MarshalPKCS8PrivateKey(priv)
if err != nil { if err != nil {
log.Fatalf("Unable to marshal private key: %v", err) log.Fatalf("Unable to marshal private key: %v", err)
} }
if err := pem.Encode(keyOut, &pem.Block{Type: "PRIVATE KEY", Bytes: privBytes}); err != nil { if err := pem.Encode(keyOut, &pem.Block{Type: "PRIVATE KEY", Bytes: privBytes}); err != nil {
log.Fatalf("Failed to write data to key.pem: %v", err) log.Fatalf("Failed to write data to %s: %v", *keyName, err)
} }
if err := keyOut.Close(); err != nil { if err := keyOut.Close(); err != nil {
log.Fatalf("Error closing key.pem: %v", err) log.Fatalf("Error closing %s: %v", *keyName, err)
} }
log.Print("wrote key.pem\n") log.Printf("wrote %s\n", *keyName)
} }