本文整理汇总了Golang中github.com/cloudflare/cfssl/csr.ParseRequest函数的典型用法代码示例。如果您正苦于以下问题:Golang ParseRequest函数的具体用法?Golang ParseRequest怎么用?Golang ParseRequest使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了ParseRequest函数的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: initializeServer
func initializeServer() *server.Server {
var hosts string
fmt.Print("Keyserver Hostnames/IPs (comma-seperated): ")
fmt.Scanln(&hosts)
hostnames := strings.Split(hosts, ",")
csr, key, err := csr.ParseRequest(&csr.CertificateRequest{
CN: "Keyless Server Authentication Certificate",
Hosts: hostnames,
KeyRequest: &csr.BasicKeyRequest{
A: "ecdsa",
S: 384,
},
})
if err != nil {
log.Fatal(err)
}
if err := ioutil.WriteFile(keyFile, key, 0400); err != nil {
log.Fatal(err)
}
log.Infof("Key generated and saved to %s\n", keyFile)
log.Info("Server entering initialization state")
s, err := server.NewServerFromFile(initCertFile, initKeyFile, caFile,
net.JoinHostPort("", port), net.JoinHostPort("", metricsPort))
if err != nil {
log.Fatal(err)
}
s.ActivationToken = []byte(initToken)
go func() {
log.Fatal(s.ListenAndServe())
}()
cert, err := initAPICall(hostnames, string(csr))
if err != nil {
log.Fatal(err)
}
if err := ioutil.WriteFile(certFile, cert, 0644); err != nil {
log.Fatal(err)
}
log.Infof("Cert saved to %s\n", certFile)
// Remove server from activation state and initialize issued certificate.
s.ActivationToken = s.ActivationToken[:0]
tlsCert, err := tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
log.Fatal(err)
}
s.Config.Certificates = []tls.Certificate{tlsCert}
return s
}示例2: GenerateNewCSR
// GenerateNewCSR returns a newly generated key and CSR signed with said key
func GenerateNewCSR() (csr, key []byte, err error) {
req := &cfcsr.CertificateRequest{
KeyRequest: cfcsr.NewBasicKeyRequest(),
}
csr, key, err = cfcsr.ParseRequest(req)
if err != nil {
return
}
return
}示例3: generateNewCSR
func generateNewCSR() (csr, key []byte, err error) {
req := &cfcsr.CertificateRequest{
KeyRequest: cfcsr.NewBasicKeyRequest(),
}
csr, key, err = cfcsr.ParseRequest(req)
if err != nil {
log.Debugf(`failed to generate CSR`)
return
}
return
}示例4: testGenerateKeypair
func testGenerateKeypair(req *csr.CertificateRequest) (keyFile, certFile string, err error) {
fail := func(err error) (string, string, error) {
if keyFile != "" {
os.Remove(keyFile)
}
if certFile != "" {
os.Remove(certFile)
}
return "", "", err
}
keyFile, err = tempName()
if err != nil {
return fail(err)
}
certFile, err = tempName()
if err != nil {
return fail(err)
}
csrPEM, keyPEM, err := csr.ParseRequest(req)
if err != nil {
return fail(err)
}
if err = ioutil.WriteFile(keyFile, keyPEM, 0644); err != nil {
return fail(err)
}
priv, err := helpers.ParsePrivateKeyPEM(keyPEM)
if err != nil {
return fail(err)
}
cert, err := selfsign.Sign(priv, csrPEM, config.DefaultConfig())
if err != nil {
return fail(err)
}
if err = ioutil.WriteFile(certFile, cert, 0644); err != nil {
return fail(err)
}
return
}示例5: TestNewSigner
func TestNewSigner(t *testing.T) {
req := ExampleRequest()
lca, err := New(req, ExampleSigningConfig())
assert.NoErrorT(t, err)
csrPEM, _, err := csr.ParseRequest(testRequest)
assert.NoErrorT(t, err)
certPEM, err := lca.SignCSR(csrPEM)
assert.NoErrorT(t, err)
_, err = helpers.ParseCertificatePEM(certPEM)
assert.NoErrorT(t, err)
certPEM, err = lca.CACertificate()
assert.NoErrorT(t, err)
cert, err := helpers.ParseCertificatePEM(certPEM)
assert.NoErrorT(t, err)
assert.BoolT(t, cert.Subject.CommonName == req.CN,
"common names don't match")
lca.Toggle()
_, err = lca.SignCSR(csrPEM)
assert.ErrorEqT(t, errDisabled, err)
lca.Toggle()
_, err = lca.SignCSR(certPEM)
assert.ErrorT(t, err, "shouldn't be able to sign non-CSRs")
p := &pem.Block{
Type: "CERTIFICATE REQUEST",
Bytes: []byte(`¯\_(ツ)_/¯`),
}
junkCSR := pem.EncodeToMemory(p)
_, err = lca.SignCSR(junkCSR)
assert.ErrorT(t, err, "signing a junk CSR should fail")
t.Logf("error: %s", err)
}示例6: main
func main() {
if initCert {
var hosts string
fmt.Print("Keyserver Hostnames/IPs (comma-seperated): ")
fmt.Scanln(&hosts)
csr, key, err := csr.ParseRequest(&csr.CertificateRequest{
CN: "Keyless Server Authentication Certificate",
Hosts: strings.Split(hosts, ","),
KeyRequest: &csr.KeyRequest{Algo: "ecdsa", Size: 384},
})
if err != nil {
log.Fatal(err)
}
if err := ioutil.WriteFile(keyFile, key, 0400); err != nil {
log.Fatal(err)
}
fmt.Printf("Key generated and saved to %s\n", keyFile)
fmt.Printf("Email this CSR to [email protected] for signing and save the resulting certificate to %s:\n", certFile)
fmt.Print(string(csr))
return
}
s, err := server.NewServerFromFile(certFile, keyFile, caFile,
net.JoinHostPort("", port), net.JoinHostPort("", metricsPort))
if err != nil {
log.Warningf("Could not create server. Run `gokeyless -init` to get %s and %s", keyFile, certFile)
log.Fatal(err)
}
if err := s.LoadKeysFromDir(keyDir, LoadKey); err != nil {
log.Fatal(err)
}
// Start server in background, then listen for SIGHUPs to reload keys.
go func() {
log.Fatal(s.ListenAndServe())
}()
if pidFile != "" {
if f, err := os.Create(pidFile); err != nil {
log.Errorf("error creating pid file: %v", err)
} else {
fmt.Fprintf(f, "%d", os.Getpid())
f.Close()
}
}
c := make(chan os.Signal, 1)
signal.Notify(c, syscall.SIGHUP)
for {
select {
case <-c:
log.Info("Received SIGHUP, reloading keys...")
if err := s.LoadKeysFromDir(keyDir, LoadKey); err != nil {
log.Fatal(err)
}
}
}
}