func generateTrustCert(key libtrust.PublicKey, parentKey PrivateKey, parent *x509.Certificate) *x509.Certificate {
cert := &x509.Certificate{
SerialNumber: big.NewInt(0),
Subject: pkix.Name{
CommonName: "Trust Cert",
},
NotBefore: time.Now().Add(-time.Second),
NotAfter: time.Now().Add(time.Hour),
IsCA: true,
KeyUsage: x509.KeyUsageDigitalSignature,
BasicConstraintsValid: true,
}
certDER, err := x509.CreateCertificate(
rand.Reader, cert, parent,
key.CryptoPublicKey(), parentKey.CryptoPrivateKey(),
)
if err != nil {
panic(err)
}
cert, err = x509.ParseCertificate(certDER)
if err != nil {
panic(err)
}
return cert
}
