github.com/jingruilea/kubeedge@v1.2.0-beta.0.0.20200410162146-4bb8902b3879/edge/pkg/common/util/config.go (about)

     1  /*
     2  Copyright 2018 The KubeEdge Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8     http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package util
    18  
    19  import (
    20  	"crypto/rand"
    21  	"crypto/rsa"
    22  	"crypto/x509"
    23  	"crypto/x509/pkix"
    24  	"encoding/pem"
    25  	"math/big"
    26  	"os"
    27  	"time"
    28  )
    29  
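// GenerateTestCertificate creates a throwaway self-signed CA certificate together
// with a fresh 2048-bit RSA private key and writes both, PEM-encoded, below path.
//
// path is the directory to create. It is concatenated with the file names as-is,
// so it has to end with a path separator. certFileName and keyFileName are the
// file names without extension; ".crt" and ".key" are appended.
//
// The output is for tests only. The certificate is a CA (IsCA plus
// KeyUsageCertSign) with a fixed serial number and subject key id, and the private
// key is written unencrypted, so whoever can read the key file can issue
// certificates that chain to it. Never add it to a trust store that is used
// outside a test run.
func GenerateTestCertificate(path string, certFileName string, keyFileName string) error {
	now := time.Now()
	template := &x509.Certificate{
		IsCA:                  true,
		BasicConstraintsValid: true,
		// Fixed identifiers: every generated certificate carries the same serial
		// number and subject key id, which is acceptable for test fixtures only.
		SubjectKeyId: []byte{1, 2, 3},
		SerialNumber: big.NewInt(1234),
		Subject: pkix.Name{
			Country:      []string{"test"},
			Organization: []string{"testor"},
		},
		NotBefore:   now,
		NotAfter:    now.AddDate(5, 5, 5),
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth},
		KeyUsage:    x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
	}

	privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return err
	}

	// Self-signed: the template is its own parent and is signed with its own key.
	cert, err := x509.CreateCertificate(rand.Reader, template, template, &privateKey.PublicKey, privateKey)
	if err != nil {
		return err
	}

	// The directory will hold an unencrypted private key. Create it for the
	// owner only instead of 0777, so the result no longer depends on the
	// process umask and other local users cannot replace or read the files.
	// MkdirAll leaves the mode of an already existing directory untouched.
	if err := os.MkdirAll(path, 0700); err != nil {
		return err
	}

	certFilePEM := pem.Block{
		Type:  "CERTIFICATE",
		Bytes: cert,
	}
	if err := createPEMfile(path+certFileName+".crt", certFilePEM); err != nil {
		return err
	}

	// PKCS#1 encoding, no passphrase: the key is stored in the clear.
	keyFilePEM := pem.Block{
		Type:  "RSA PRIVATE KEY",
		Bytes: x509.MarshalPKCS1PrivateKey(privateKey),
	}
	return createPEMfile(path+keyFileName+".key", keyFilePEM)
}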
    82  
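// createPEMfile writes pemBlock, PEM-encoded, to the file at path, creating the
// file or truncating an existing one.
//
// The block may be a private key, so the file is opened with mode 0600 rather
// than the 0666-before-umask that os.Create uses, and a file that already exists
// is tightened to 0600 before anything is written. An error from Close is
// returned as well, because it can mean the PEM data never reached the disk.
func createPEMfile(path string, pemBlock pem.Block) (err error) {
	file, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
	if err != nil {
		return err
	}
	defer func() {
		// Keep the first error; report a failed Close only if the write succeeded.
		if cerr := file.Close(); cerr != nil && err == nil {
			err = cerr
		}
	}()

	// The mode passed to OpenFile applies only to newly created files.
	if err = file.Chmod(0600); err != nil {
		return err
	}
	return pem.Encode(file, &pemBlock)
}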