Added gencerts command, fixed unreachable code, added missing argument, fixed few golint errors #944
Merged
2e181be
Added gencerts
10e1ee7
v.2
0801273
v.3
36cb895
Fix golint errors
b26c614
Update gencerts, fix few golint errors
9361456
Fixed unreachable code, add missing argument
3c84bfb
Don't call fsrepo.Open.
tyler-smith 3e74449
Move all gencerts flags to the command struct.
tyler-smith a7a6eb0
Make gencerts save certs in an directory.
tyler-smith 1d9b0a1
Refactored code
629f99e
Merge pull request #946 from trigun117/TS_gencerts
tyler-smith 11541a7
TWEAK: change log message.
tyler-smith f898633
TWEAK: Create ip/dns slices before creating cert object.
tyler-smith aebb4b2
CLEANUP: Cleanup comments in gencerts cmd.
tyler-smith 98cfe4b
Cleanup comments
68c296a
Merge pull request #947 from trigun117/TS_gencerts
placer14
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,126 @@ | ||
package cmd | ||
|
||
import ( | ||
"crypto/rand" | ||
"crypto/rsa" | ||
"crypto/x509" | ||
"crypto/x509/pkix" | ||
"encoding/pem" | ||
"flag" | ||
"math/big" | ||
"net" | ||
"os" | ||
"path" | ||
"strings" | ||
"time" | ||
|
||
"github.com/OpenBazaar/openbazaar-go/repo" | ||
) | ||
|
||
//GenerateCertificates struct | ||
type GenerateCertificates struct { | ||
DataDir string `short:"d" long:"datadir" description:"specify the data directory to be used"` | ||
Testnet bool `short:"t" long:"testnet" description:"config file is for testnet node"` | ||
Host string `short:"h" long:"host" description:"comma-separated hostnames and IPs to generate a certificate for"` | ||
ValidFor time.Duration `long:"duration" description:"duration that certificate is valid for"` | ||
} | ||
|
||
//Execute gencerts command | ||
func (x *GenerateCertificates) Execute(args []string) error { | ||
|
||
flag.Parse() | ||
|
||
// Set repo path | ||
repoPath, err := repo.GetRepoPath(x.Testnet) | ||
if err != nil { | ||
return err | ||
} | ||
if x.DataDir != "" { | ||
repoPath = x.DataDir | ||
} | ||
|
||
//Check if host entered | ||
if len(x.Host) == 0 { | ||
log.Fatalf("Missing required --host parameter") | ||
} | ||
|
||
// Set default duration | ||
if x.ValidFor == 0 { | ||
x.ValidFor = 365 * 24 * time.Hour | ||
} | ||
|
||
var priv interface{} | ||
|
||
//Generate key | ||
priv, err = rsa.GenerateKey(rand.Reader, 2048) | ||
if err != nil { | ||
log.Fatalf("failed to generate private key: %s", err) | ||
} | ||
|
||
//Set creation date | ||
var notBefore = time.Now() | ||
notAfter := notBefore.Add(x.ValidFor) | ||
|
||
//Crate serial nmuber | ||
serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128) | ||
serialNumber, err := rand.Int(rand.Reader, serialNumberLimit) | ||
if err != nil { | ||
log.Fatalf("failed to generate serial number: %s", err) | ||
} | ||
|
||
template := x509.Certificate{ | ||
SerialNumber: serialNumber, | ||
Subject: pkix.Name{ | ||
Organization: []string{"OpenBazaar"}, | ||
}, | ||
NotBefore: notBefore, | ||
NotAfter: notAfter, | ||
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign, | ||
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, | ||
BasicConstraintsValid: true, | ||
IsCA: true, | ||
} | ||
|
||
//Check if host ip or dns name and count their quantity | ||
hosts := strings.Split(x.Host, ",") | ||
for _, h := range hosts { | ||
if ip := net.ParseIP(h); ip != nil { | ||
template.IPAddresses = append(template.IPAddresses, ip) | ||
} else { | ||
template.DNSNames = append(template.DNSNames, h) | ||
} | ||
} | ||
|
||
//Create sertificate | ||
derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.(*rsa.PrivateKey).PublicKey, priv) | ||
if err != nil { | ||
log.Fatalf("Failed to create certificate: %s", err) | ||
} | ||
|
||
// Create ssl directory | ||
err = os.MkdirAll(path.Join(repoPath, "ssl"), os.ModePerm) | ||
if err != nil { | ||
log.Fatalf("Failed to create ssl directory: %s", err) | ||
} | ||
|
||
//Create and write cert.pem | ||
certOut, err := os.Create(path.Join(repoPath, "ssl", "cert.pem")) | ||
if err != nil { | ||
log.Fatalf("failed to open cert.pem for writing: %s", err) | ||
} | ||
pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes}) | ||
certOut.Close() | ||
log.Noticef("wrote cert.pem\n") | ||
|
||
//Create and write key.pem | ||
keyOut, err := os.OpenFile(path.Join(repoPath, "ssl", "key.pem"), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600) | ||
if err != nil { | ||
log.Noticef("failed to open key.pem for writing:", err) | ||
return err | ||
} | ||
pem.Encode(keyOut, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv.(*rsa.PrivateKey))}) | ||
keyOut.Close() | ||
log.Noticef("wrote key.pem\n") | ||
|
||
return nil | ||
} |
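Review bot: The key.pem write at the end of `Execute` ignores the return values of `pem.Encode` and `keyOut.Close()`, so a failed or short write still logs `wrote key.pem` and leaves an unusable key behind; the cert.pem write has the same gap. The `0600` passed to `os.OpenFile` only takes effect when the file is created, so an existing key.pem keeps whatever mode it already had, and the ssl directory is created with `os.ModePerm`; `0700` for the directory and an explicit `Chmod` on the key file would keep the key owner-only. The failure branch also calls `log.Noticef("failed to open key.pem for writing:", err)` with no verb for `err`. Separately, the template sets `IsCA: true` with `x509.KeyUsageCertSign`, so a client that installs cert.pem as a trust anchor would also accept certificates this key signs for other names; if only a server certificate is intended, both can be dropped.

```go
// … unchanged: repo path, key generation, certificate template and creation …

// Create ssl directory; it will hold the private key, so keep it owner-only
err = os.MkdirAll(path.Join(repoPath, "ssl"), 0700)

// … unchanged: error check, cert.pem is written here …

//Create and write key.pem
keyOut, err := os.OpenFile(path.Join(repoPath, "ssl", "key.pem"), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
if err != nil {
	log.Noticef("failed to open key.pem for writing: %s", err)
	return err
}
// The mode given to OpenFile is ignored when key.pem already exists.
if err := keyOut.Chmod(0600); err != nil {
	keyOut.Close()
	return err
}
keyBlock := &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv.(*rsa.PrivateKey))}
if err := pem.Encode(keyOut, keyBlock); err != nil {
	keyOut.Close()
	return err
}
if err := keyOut.Close(); err != nil {
	return err
}
log.Noticef("wrote key.pem\n")
```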
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -402,7 +402,6 @@ func (n *OpenBazaarNode) SendDisputeClose(peerId string, k *libp2p.PubKey, resol | |
Payload: a, | ||
} | ||
return n.sendMessage(peerId, k, m) | ||
return nil | ||
Thanks. |
||
} | ||
|
||
func (n *OpenBazaarNode) SendChat(peerId string, chatMessage *pb.Chat) error { | ||
|
Build your `[]string` for IPAddresses and DNSNames first, then assign it to the struct on L89 all at once.