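// Source: github.com/blend/go-sdk@v1.20220411.3/certutil/create_certificate_authority.go

/*

Copyright (c) 2022 - Present. Blend Labs, Inc. All rights reserved
Use of this source code is governed by a MIT license that can be found in the LICENSE file.

*/

package certutil

import (
	"crypto/rand"
	"crypto/x509"

	"github.com/blend/go-sdk/ex"
)

// CreateCertificateAuthority creates a ca cert bundle from a given set of options.
// The cert bundle can be used to generate client and server certificates.
//
// The certificate is self-signed: the resolved certificate template is passed to
// x509.CreateCertificate as both the template and the parent, and it is signed
// with the bundle's own private key.
//
// The returned bundle carries the CA private key alongside the certificate, so
// callers should treat the whole bundle as secret material.
//
// An error is returned if the options cannot be resolved, or if the certificate
// cannot be created or parsed; in every error case the returned bundle is nil.
func CreateCertificateAuthority(options ...CertOption) (*CertBundle, error) {
	// Start from the package defaults and let the caller's options override them.
	// NOTE(review): key size, validity period and CA key usages are set by
	// DefaultOptionsCertificateAuthority and ResolveCertOptions, which are not
	// shown here; confirm they match your policy.
	createOptions := DefaultOptionsCertificateAuthority

	// Propagate resolution failures. Returning (nil, nil) here would report
	// success with a nil bundle and cause a nil dereference in the caller.
	if err := ResolveCertOptions(&createOptions, options...); err != nil {
		return nil, err
	}

	// NOTE(review): this assumes ResolveCertOptions always leaves PrivateKey
	// populated; a nil key would panic on the PublicKey access below. Confirm.
	var output CertBundle
	output.PrivateKey = createOptions.PrivateKey
	output.PublicKey = &createOptions.PrivateKey.PublicKey

	// rand.Reader is crypto/rand, which is the randomness source for signing.
	der, err := x509.CreateCertificate(
		rand.Reader,
		&createOptions.Certificate, // template
		&createOptions.Certificate, // parent (same as the template, so self-signed)
		output.PublicKey,
		output.PrivateKey,
	)
	if err != nil {
		return nil, ex.New(err)
	}

	// Parse the DER back so the bundle holds both the raw and the parsed form.
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, ex.New(err)
	}

	output.CertificateDERs = [][]byte{der}
	output.Certificates = []x509.Certificate{*cert}
	return &output, nil
}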