Ejemplo n.º 1
// parseDN builds a pkix.Name from the attribute/value pairs that dnRegexp
// finds in dn. Capture group 1 is used as the attribute type and group 2 as
// the value; pairs with an empty value are skipped and attribute types other
// than C, O, OU, L, ST, SN and CN are ignored.
//
// C, O, OU, L and ST accumulate every occurrence; SN and CN keep only the last
// one seen. The function never reports an error, so callers cannot tell a
// well-formed DN from one that dnRegexp matched only partially.
// NOTE(review): dnRegexp is defined outside this snippet, so how it treats
// escaped separators or quoted values cannot be judged here; confirm before
// using the result for identity or authorization decisions.
func parseDN(dn string) *pkix.Name {
	var parsed pkix.Name

	// Attribute types that may legitimately appear more than once.
	multiValued := map[string]*[]string{
		"C":  &parsed.Country,
		"O":  &parsed.Organization,
		"OU": &parsed.OrganizationalUnit,
		"L":  &parsed.Locality,
		"ST": &parsed.Province,
	}

	for _, m := range dnRegexp.FindAllStringSubmatch(dn, -1) {
		value := m[2]
		if value == "" {
			continue
		}

		key := m[1]
		if dst, ok := multiValued[key]; ok {
			*dst = append(*dst, value)
			continue
		}

		// Single-valued attributes: a later occurrence replaces an earlier one.
		if key == "SN" {
			parsed.SerialNumber = value
		} else if key == "CN" {
			parsed.CommonName = value
		}
	}

	return &parsed
}
Ejemplo n.º 2
// toName converts a comma-separated list of key=value pairs into a pkix.Name.
// Keys are matched case-insensitively; pairs without "=" and pairs with an
// unrecognized key are silently dropped. A repeated cn keeps the last value,
// the other recognized keys accumulate.
//
// NOTE(review): the split is a plain split on "," and "=": whitespace around a
// key is not trimmed (" ou" does not match "ou"), and a value containing an
// escaped or quoted comma would be cut apart. That is acceptable for display,
// but confirm the input format before relying on the result for identity
// matching.
// NOTE(review): emailaddress is stored in Names, which crypto/x509/pkix
// ignores when marshaling (ExtraNames is encoded instead); fine for
// inspection, not for building a certificate subject.
func (info *HostCertificateInfo) toName(s string) *pkix.Name {
	parsed := new(pkix.Name)

	// Keys whose values are collected into string slices.
	lists := map[string]*[]string{
		"ou": &parsed.OrganizationalUnit,
		"o":  &parsed.Organization,
		"l":  &parsed.Locality,
		"st": &parsed.Province,
		"c":  &parsed.Country,
	}

	for _, field := range strings.Split(s, ",") {
		eq := strings.Index(field, "=")
		if eq < 0 {
			continue
		}
		key, value := strings.ToLower(field[:eq]), field[eq+1:]

		if dst, ok := lists[key]; ok {
			*dst = append(*dst, value)
			continue
		}

		if key == "cn" {
			parsed.CommonName = value
		} else if key == "emailaddress" {
			email := pkix.AttributeTypeAndValue{Type: emailAddressOID, Value: value}
			parsed.Names = append(parsed.Names, email)
		}
	}

	return parsed
}
Ejemplo n.º 3
// Name builds the PKIX subject name for the request: CommonName comes from
// cr.CN, and the C, ST, L, O and OU fields of every entry in cr.Names are
// passed to appendIf together with the matching pkix.Name slice.
// NOTE(review): appendIf is defined elsewhere; presumably it appends only
// non-empty values, confirm against its definition.
func (cr *CertificateRequest) Name() pkix.Name {
	subject := pkix.Name{CommonName: cr.CN}

	for _, entry := range cr.Names {
		appendIf(entry.C, &subject.Country)
		appendIf(entry.ST, &subject.Province)
		appendIf(entry.L, &subject.Locality)
		appendIf(entry.O, &subject.Organization)
		appendIf(entry.OU, &subject.OrganizationalUnit)
	}

	return subject
}
Ejemplo n.º 4
// Name builds the PKIX name for the subject: CommonName comes from s.CN, and
// the C, ST, L, O and OU fields of every entry in s.Names are passed to
// appendIf together with the matching pkix.Name slice.
// NOTE(review): appendIf is defined elsewhere; presumably it appends only
// non-empty values, confirm against its definition.
func (s *Subject) Name() pkix.Name {
	subject := pkix.Name{CommonName: s.CN}

	for _, entry := range s.Names {
		appendIf(entry.C, &subject.Country)
		appendIf(entry.ST, &subject.Province)
		appendIf(entry.L, &subject.Locality)
		appendIf(entry.O, &subject.Organization)
		appendIf(entry.OU, &subject.OrganizationalUnit)
	}

	return subject
}
Ejemplo n.º 5
// GenerateKeys initializes a new tls key, confirms certificate details with the
// user, obtains a signed certificate from the default ca, and stores the
// resulting keys and certificates in kdir. This is meant to be called from
// user-facing apps.
//
// The CommonName of name is overwritten in place with the host part of addr,
// so the caller's pkix.Name is modified. Failures are handed to
// options.FailIf instead of being returned.
// NOTE(review): presumably options.FailIf terminates the program on a non-nil
// error; if it does not, execution continues with an empty host. Confirm
// against the options package.
func GenerateKeys(name *pkix.Name, addr, kdir string) *tao.Keys {
	host, _, err := net.SplitHostPort(addr)
	options.FailIf(err, "bad address: %s", addr)
	// The subject CN is taken from the address, replacing whatever CommonName
	// the caller supplied.
	name.CommonName = host

	// The subject is reviewed interactively only when ConfirmNames is set;
	// otherwise name is used for the key and the signing request unchanged.
	if ConfirmNames {
		fmt.Printf(""+
			"Initializing fresh HTTP/TLS server key. Provide the following information,\n"+
			"to be include in a CA-signed x509 certificate. Leave the response blank to\n"+
			"accept the default value.\n\n"+
			"The key and certificates will be stored in:\n  %s\n\n", kdir)
		name = ConfirmName(name)
	}

	// Create the signing key under kdir, using the parent Tao and the default
	// seal policy.
	keys, err := tao.InitOnDiskTaoSealedKeys(tao.Signing, name, tao.Parent(), kdir, tao.SealPolicyDefault)
	options.FailIf(err, "can't create tao-sealed HTTPS/TLS keys")

	// The request carries the verifying half of the new key and the subject name.
	csr := NewCertificateSigningRequest(keys.VerifyingKey, name)

	// No result is checked here; NOTE(review): presumably SubmitAndInstall
	// handles its own failures, confirm.
	SubmitAndInstall(keys, csr)
	return keys
}
Ejemplo n.º 6
// parsePkixName parses a comma-separated list of k=v tokens into a pkix.Name.
// Only the key "cn" (case-insensitive) is accepted; any other key, or a token
// without "=", is rejected with an error instead of being ignored. Each token
// is trimmed of surrounding whitespace before it is split; the key and value
// themselves are not trimmed further. When cn appears more than once the last
// value is kept.
//
// The split is a plain split on ",", so a value containing a comma cannot be
// expressed and causes an error on the fragment that follows it.
func parsePkixName(s string) (*pkix.Name, error) {
	var parsed pkix.Name

	for _, raw := range strings.Split(s, ",") {
		token := strings.TrimSpace(raw)

		eq := strings.Index(token, "=")
		if eq < 0 {
			return nil, fmt.Errorf("unrecognized token (expected k=v): %q", token)
		}
		key, value := strings.ToLower(token[:eq]), token[eq+1:]

		// Fail closed on anything other than cn.
		if key != "cn" {
			return nil, fmt.Errorf("unrecognized key %q in token %q", key, token)
		}
		parsed.CommonName = value
	}

	return &parsed, nil
}
Ejemplo n.º 7
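// dnSegmentError reports a distinguished-name segment that names a recognized
// attribute type but has no "=value" part.
type dnSegmentError string

// Error implements the error interface.
func (e dnSegmentError) Error() string {
	return "malformed DN segment (expected KEY=value): " + string(e)
}

// Unmarshal parses a comma-separated distinguished name such as
// "CN=host,O=Org,C=US" into a pkix.Name.
//
// Recognized attribute types are CN, C, L, ST, SA (street address), O and OU,
// matched case-sensitively. CN keeps the last value seen; the others
// accumulate. Segments with any other attribute type, including empty
// segments, are ignored.
//
// A segment that names a recognized attribute type without "=" (for example a
// bare "CN") returns an error and a zero pkix.Name. The previous version
// indexed the missing value and panicked, which let malformed input crash the
// caller.
//
// NOTE(review): the split is a plain split on ",", and whitespace is not
// trimmed, so "CN=a, O=b" does not set Organization and escaped commas inside
// a value are cut apart. Confirm the input format before using the result for
// identity decisions.
func Unmarshal(dn string) (pkix.Name, error) {
	var output pkix.Name

	for _, segment := range strings.Split(dn, ",") {
		kv := strings.SplitN(segment, "=", 2)

		// Pick the destination first so that unrecognized attribute types are
		// skipped exactly as before, whether or not they carry a value.
		var list *[]string
		switch kv[0] {
		case "CN":
			// Single-valued; handled below.
		case "C":
			list = &output.Country
		case "L":
			list = &output.Locality
		case "ST":
			list = &output.Province
		case "SA":
			list = &output.StreetAddress
		case "O":
			list = &output.Organization
		case "OU":
			list = &output.OrganizationalUnit
		default:
			continue
		}

		// A recognized key with no value is malformed input, not a crash.
		if len(kv) != 2 {
			return pkix.Name{}, dnSegmentError(segment)
		}

		if list == nil {
			output.CommonName = kv[1]
			continue
		}
		*list = append(*list, kv[1])
	}

	return output, nil
}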
Ejemplo n.º 8
Archivo: csr.go Proyecto: postfix/csr
// Name returns the subject info as a PKIX name structure for a certificate.
// Each non-empty string field becomes a one-element slice in the matching
// pkix.Name field; empty fields are left unset. A non-empty Email is recorded
// as a single attribute of type asn1EmailAddress in Names.
//
// NOTE(review): crypto/x509/pkix ignores Names when marshaling a name and
// encodes ExtraNames instead, so an email stored here presumably does not end
// up in a generated CSR or certificate subject. Confirm against how the
// callers use the result.
func (si *SubjectInfo) Name() pkix.Name {
	// single wraps a non-empty value in a slice and maps "" to nil.
	single := func(v string) []string {
		if v == "" {
			return nil
		}
		return []string{v}
	}

	subject := pkix.Name{
		Country:            single(si.Country),
		Organization:       single(si.OrgName),
		OrganizationalUnit: single(si.OrgUnitName),
		Locality:           single(si.Locality),
		Province:           single(si.StateOrProvince),
		CommonName:         si.CommonName,
	}

	if si.Email == "" {
		return subject
	}

	subject.Names = []pkix.AttributeTypeAndValue{
		{Type: asn1EmailAddress, Value: si.Email},
	}
	return subject
}