github.com/StackPointCloud/packer@v0.10.2-0.20180716202532-b28098e0f79b/builder/azure/common/lin/step_create_cert.go (about) 1 package lin 2 3 import ( 4 "context" 5 "crypto/rand" 6 "crypto/rsa" 7 "crypto/sha1" 8 "crypto/x509" 9 "crypto/x509/pkix" 10 "encoding/pem" 11 "fmt" 12 "log" 13 "math/big" 14 "time" 15 16 "github.com/hashicorp/packer/builder/azure/common/constants" 17 18 "github.com/hashicorp/packer/helper/multistep" 19 "github.com/hashicorp/packer/packer" 20 ) 21 22 type StepCreateCert struct { 23 TmpServiceName string 24 } 25 26 func (s *StepCreateCert) Run(_ context.Context, state multistep.StateBag) multistep.StepAction { 27 ui := state.Get("ui").(packer.Ui) 28 29 ui.Say("Creating temporary certificate...") 30 31 err := s.createCert(state) 32 if err != nil { 33 err = fmt.Errorf("Error creating temporary certificate: %s", err) 34 state.Put("error", err) 35 ui.Error(err.Error()) 36 return multistep.ActionHalt 37 } 38 39 return multistep.ActionContinue 40 } 41 42 func (s *StepCreateCert) Cleanup(state multistep.StateBag) {} 43 44 func (s *StepCreateCert) createCert(state multistep.StateBag) error { 45 46 log.Println("createCert: Generating RSA key pair...") 47 48 priv, err := rsa.GenerateKey(rand.Reader, 2048) 49 if err != nil { 50 err = fmt.Errorf("Failed to Generate Private Key: %s", err) 51 return err 52 } 53 54 // ASN.1 DER encoded form 55 privkey := string(pem.EncodeToMemory(&pem.Block{ 56 Type: "RSA PRIVATE KEY", 57 Bytes: x509.MarshalPKCS1PrivateKey(priv), 58 })) 59 60 // Set the private key in the state bag for later 61 state.Put(constants.PrivateKey, privkey) 62 log.Printf("createCert: Private key:\n%s", privkey) 63 64 log.Println("createCert: Creating certificate...") 65 66 host := fmt.Sprintf("%s.cloudapp.net", s.TmpServiceName) 67 notBefore := time.Now() 68 notAfter := notBefore.Add(365 * 24 * time.Hour) 69 70 serialNumber, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 128)) 71 if err != nil { 72 err = fmt.Errorf("Failed to Generate Serial Number: %v", err) 73 return err 74 } 75 76 template := x509.Certificate{ 77 SerialNumber: serialNumber, 78 Issuer: pkix.Name{ 79 CommonName: host, 80 }, 81 Subject: pkix.Name{ 82 CommonName: host, 83 }, 84 NotBefore: notBefore, 85 NotAfter: notAfter, 86 87 KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature, 88 ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, 89 BasicConstraintsValid: true, 90 } 91 92 derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv) 93 if err != nil { 94 err = fmt.Errorf("Failed to Create Certificate: %s", err) 95 return err 96 } 97 98 cert := string(pem.EncodeToMemory(&pem.Block{ 99 Type: "RSA PRIVATE KEY", 100 Bytes: derBytes, 101 })) 102 state.Put(constants.Certificate, cert) 103 log.Printf("createCert: Certificate:\n%s", cert) 104 105 h := sha1.New() 106 h.Write(derBytes) 107 thumbprint := fmt.Sprintf("%X", h.Sum(nil)) 108 state.Put(constants.Thumbprint, thumbprint) 109 log.Printf("createCert: Thumbprint:\n%s", thumbprint) 110 111 return nil 112 }