github.com/jfrog/jfrog-cli-go@v1.22.1-0.20200318093948-4826ef344ffd/utils/tests/proxy/server/certificate/utils.go (about) 1 package certificate 2 3 import ( 4 "crypto/rand" 5 "crypto/rsa" 6 "crypto/x509" 7 "crypto/x509/pkix" 8 "encoding/pem" 9 "math/big" 10 "net" 11 "os" 12 "time" 13 ) 14 15 const CERT_FILE = "naive_proxy_cert.pem" 16 const KEY_FILE = "naive_proxy_key.pem" 17 18 func createCertTemplate() *x509.Certificate { 19 serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128) 20 serialNumber, err := rand.Int(rand.Reader, serialNumberLimit) 21 if err != nil { 22 panic(err) 23 } 24 return &x509.Certificate{ 25 Subject: pkix.Name{Organization: []string{"Test Inc."}}, 26 SignatureAlgorithm: x509.SHA256WithRSA, 27 NotBefore: time.Now(), 28 NotAfter: time.Now().Add(time.Hour), 29 BasicConstraintsValid: true, 30 IsCA: true, 31 KeyUsage: x509.KeyUsageCertSign, 32 ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, 33 IPAddresses: []net.IP{net.ParseIP("127.0.0.1")}, 34 SerialNumber: serialNumber, 35 } 36 } 37 38 func CreateNewCert() { 39 rootKey, err := rsa.GenerateKey(rand.Reader, 2048) 40 if err != nil { 41 panic(err) 42 } 43 certTemplate := createCertTemplate() 44 derBytes, err := x509.CreateCertificate(rand.Reader, certTemplate, certTemplate, &rootKey.PublicKey, rootKey) 45 if err != nil { 46 panic(err) 47 } 48 certOut, err := os.Create(CERT_FILE) 49 if err != nil { 50 panic(err) 51 } 52 pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes}) 53 certOut.Close() 54 55 keyOut, err := os.OpenFile(KEY_FILE, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600) 56 if err != nil { 57 panic(err) 58 } 59 pem.Encode(keyOut, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(rootKey)}) 60 keyOut.Close() 61 }