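/*

Copyright (c) 2024 - Present. Blend Labs, Inc. All rights reserved
Use of this source code is governed by a MIT license that can be found in the LICENSE file.

*/

package certutil

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"math/big"
	"time"

	"github.com/blend/go-sdk/ex"
)

// CertOptions are required arguments when creating certificates.
//
// The embedded x509.Certificate is the certificate template; its fields
// (SerialNumber, NotBefore, NotAfter, ...) are promoted and are read and
// written directly by ResolveCertOptions.
type CertOptions struct {
	x509.Certificate

	// PrivateKey is the RSA key for the certificate. When nil,
	// ResolveCertOptions generates a fresh one.
	PrivateKey *rsa.PrivateKey

	// NotBeforeProvider supplies NotBefore when the template leaves it zero.
	NotBeforeProvider func() time.Time

	// NotAfterProvider supplies NotAfter when the template leaves it zero.
	NotAfterProvider func() time.Time
}

// ResolveCertOptions resolves the common create cert options.
//
// It applies each option to createOptions in order and returns the first
// error an option reports. It then fills in whatever is still unset:
//
//   - PrivateKey: a new 2048-bit RSA key drawn from crypto/rand.
//   - SerialNumber: a uniformly random value in [0, 2^128) drawn from
//     crypto/rand, which fits the 20-octet serial limit of RFC 5280.
//   - NotBefore / NotAfter: the value returned by the matching provider,
//     if one is configured.
//
// No default validity window is applied here: if NotBefore or NotAfter is
// zero and its provider is nil, the field stays zero, so callers must set
// the validity period themselves.
//
// createOptions must be non-nil. Failures from the random source are
// returned wrapped with ex.New.
func ResolveCertOptions(createOptions *CertOptions, options ...CertOption) error {
	for _, option := range options {
		if err := option(createOptions); err != nil {
			return err
		}
	}

	if createOptions.PrivateKey == nil {
		key, err := rsa.GenerateKey(rand.Reader, 2048)
		if err != nil {
			return ex.New(err)
		}
		createOptions.PrivateKey = key
	}

	if createOptions.SerialNumber == nil {
		// Unpredictable serials: 128 bits from the CSPRNG, not a counter.
		serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
		serial, err := rand.Int(rand.Reader, serialNumberLimit)
		if err != nil {
			return ex.New(err)
		}
		createOptions.SerialNumber = serial
	}

	// The original checked NotAfter twice and never consulted
	// NotBeforeProvider, so a configured start-of-validity provider was
	// silently ignored and NotBefore stayed at the zero time.
	if createOptions.NotBefore.IsZero() && createOptions.NotBeforeProvider != nil {
		createOptions.NotBefore = createOptions.NotBeforeProvider()
	}
	if createOptions.NotAfter.IsZero() && createOptions.NotAfterProvider != nil {
		createOptions.NotAfter = createOptions.NotAfterProvider()
	}

	return nil
}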