yigitcolakoglu
/
mconnect
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 3 Wiki Activity
mconnect - KDE Connect protocol implementation in Vala/C
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
435 Commits
25 Branches
619 KiB
 
 
 
 
Tree: 37e45ea847
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '37e45ea847'
${ noResults }
mconnect/protocol/cert.go

77 lines
1.9 KiB
Raw Blame History

// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package protocol
import (
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"crypto/tls"
"crypto/x509"
"crypto/x509/pkix"
"math/big"
"time"
)
type DeviceCertificate struct {
key *ecdsa.PrivateKey
cert []byte
}
func (d *DeviceCertificate) TLSCertificate() *tls.Certificate {
return &tls.Certificate{
PrivateKey: d.key,
Certificate: [][]byte{d.cert},
}
}
// GenerateDeviceCertificate returns a device certificate
func GenerateDeviceCertificate(entity string) (*DeviceCertificate, error) {
limit := big.Int{}
limit.Lsh(big.NewInt(1), 128)
serial, err := rand.Int(rand.Reader, &limit)
if err != nil {
return nil, err
}
priv, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
if err != nil {
return nil, err
}
startTime := time.Now()
// 10 years from now
expireTime := startTime.AddDate(10, 0, 0)
template := x509.Certificate{
SerialNumber: serial,
Subject: pkix.Name{
CommonName: entity,
Organization: []string{"mconnect"},
OrganizationalUnit: []string{"mconnect"},
},
NotBefore: startTime,
NotAfter: expireTime,
BasicConstraintsValid: true,
}
selfSign := template
cert, err := x509.CreateCertificate(rand.Reader, &template, &selfSign,
&priv.PublicKey, priv)
if err != nil {
return nil, err
}
devcert := &DeviceCertificate{
key: priv,
cert: cert,
}
return devcert, nil
}