125 lines
3.5 KiB
Go
125 lines
3.5 KiB
Go
package main
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"crypto/rsa"
|
|
"crypto/x509"
|
|
"crypto/x509/pkix"
|
|
"encoding/pem"
|
|
"log"
|
|
"math/big"
|
|
"time"
|
|
)
|
|
|
|
func createCertPEM(template, parent *x509.Certificate, pub, priv interface{}) string {
|
|
caCertBytes, err := x509.CreateCertificate(rand.Reader, template, parent, pub, priv)
|
|
if err != nil {
|
|
log.Println("failed to generate CA certificate")
|
|
panic(err)
|
|
}
|
|
|
|
return string(pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: caCertBytes}))
|
|
}
|
|
|
|
func keyToPem(key *rsa.PrivateKey) string {
|
|
pkcs1 := x509.MarshalPKCS1PrivateKey(key)
|
|
block := &pem.Block{
|
|
Type: "RSA PRIVATE KEY",
|
|
Bytes: pkcs1,
|
|
}
|
|
encoded := pem.EncodeToMemory(block)
|
|
return string(encoded)
|
|
}
|
|
|
|
func DirectoryReplicationServerCA() string {
|
|
ca := &x509.Certificate{
|
|
SerialNumber: big.NewInt(1653),
|
|
Subject: pkix.Name{
|
|
Organization: []string{"ORGANIZATION_NAME"},
|
|
Country: []string{"COUNTRY_CODE"},
|
|
Province: []string{"PROVINCE"},
|
|
Locality: []string{"CITY"},
|
|
StreetAddress: []string{"ADDRESS"},
|
|
PostalCode: []string{"POSTAL_CODE"},
|
|
},
|
|
NotBefore: time.Now(),
|
|
NotAfter: time.Now().AddDate(10, 0, 0),
|
|
IsCA: true,
|
|
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
|
|
KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
|
|
BasicConstraintsValid: true,
|
|
}
|
|
|
|
caPrivateKey, _ := rsa.GenerateKey(rand.Reader, 2048)
|
|
return createCertPEM(ca, ca, &caPrivateKey.PublicKey, caPrivateKey)
|
|
}
|
|
|
|
func GenerateAPNConfiguration() (a APNConfiguration) {
|
|
ca := &x509.Certificate{
|
|
SerialNumber: big.NewInt(1653),
|
|
Subject: pkix.Name{
|
|
Organization: []string{"ORGANIZATION_NAME"},
|
|
Country: []string{"COUNTRY_CODE"},
|
|
Province: []string{"PROVINCE"},
|
|
Locality: []string{"CITY"},
|
|
StreetAddress: []string{"ADDRESS"},
|
|
PostalCode: []string{"POSTAL_CODE"},
|
|
},
|
|
NotBefore: time.Now(),
|
|
NotAfter: time.Now().AddDate(10, 0, 0),
|
|
IsCA: true,
|
|
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
|
|
KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
|
|
BasicConstraintsValid: true,
|
|
}
|
|
caPrivateKey, err := rsa.GenerateKey(rand.Reader, 2048)
|
|
if err != nil {
|
|
log.Println("Failied to generate 2048 bit RSA key for APN CA")
|
|
panic(err)
|
|
}
|
|
|
|
caPem := createCertPEM(ca, ca, &caPrivateKey.PublicKey, caPrivateKey)
|
|
|
|
privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
|
|
if err != nil {
|
|
log.Println("Failied to generate 2048 bit RSA key for APN configuration")
|
|
panic(err)
|
|
}
|
|
|
|
certPem := createCertPEM(&x509.Certificate{
|
|
SerialNumber: big.NewInt(1653),
|
|
Subject: pkix.Name{
|
|
Organization: []string{"ORGANIZATION_NAME"},
|
|
Country: []string{"COUNTRY_CODE"},
|
|
Province: []string{"PROVINCE"},
|
|
Locality: []string{"CITY"},
|
|
StreetAddress: []string{"ADDRESS"},
|
|
PostalCode: []string{"POSTAL_CODE"},
|
|
},
|
|
NotBefore: time.Now(),
|
|
NotAfter: time.Now().AddDate(10, 0, 0),
|
|
KeyUsage: x509.KeyUsageDigitalSignature,
|
|
}, ca, &privateKey.PublicKey, privateKey)
|
|
|
|
a.PushCertificate = caPem + certPem
|
|
a.PushKey = keyToPem(privateKey)
|
|
a.BundleID = "a"
|
|
return
|
|
}
|
|
|
|
func GenerateGCPSigningKey() string {
|
|
key, err := rsa.GenerateKey(rand.Reader, 2048)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
pkcs8, err := x509.MarshalPKCS8PrivateKey(key)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
block := &pem.Block{
|
|
Type: "PRIVATE KEY",
|
|
Bytes: pkcs8,
|
|
}
|
|
encoded := pem.EncodeToMemory(block)
|
|
return string(encoded)
|
|
}
|