compy/proxy/certfaker.go

44 lines
979 B
Go
Raw Normal View History

2015-03-28 22:07:40 +00:00
package proxy
import (
"crypto"
"crypto/tls"
"crypto/x509"
)
type certFaker struct {
ca *x509.Certificate
key crypto.PrivateKey
}
func newCertFaker(caPath, keyPath string) (*certFaker, error) {
certs, err := tls.LoadX509KeyPair(caPath, keyPath)
if err != nil {
return nil, err
}
ca, err := x509.ParseCertificate(certs.Certificate[0])
if err != nil {
return nil, err
}
return &certFaker{
ca: ca,
key: certs.PrivateKey,
}, nil
}
func (cf *certFaker) FakeCert(original *x509.Certificate) (*tls.Certificate, error) {
template := cf.createTemplate(original)
fakeCertData, err := x509.CreateCertificate(nil, template, cf.ca, cf.ca.PublicKey, cf.key)
2015-03-28 22:07:40 +00:00
return &tls.Certificate{
Certificate: [][]byte{fakeCertData},
PrivateKey: cf.key,
}, err
}
func (cf *certFaker) createTemplate(cert *x509.Certificate) *x509.Certificate {
template := &x509.Certificate{}
*template = *cert
template.SignatureAlgorithm = cf.ca.SignatureAlgorithm
return template
}