mirror of
https://github.com/XTLS/Xray-core.git
synced 2024-11-27 11:01:27 +00:00
93 lines
2 KiB
Go
93 lines
2 KiB
Go
package cert
|
|
|
|
import (
|
|
"context"
|
|
"crypto/x509"
|
|
"encoding/json"
|
|
"os"
|
|
"strings"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/xtls/xray-core/common"
|
|
"github.com/xtls/xray-core/common/task"
|
|
)
|
|
|
|
func TestGenerate(t *testing.T) {
|
|
err := generate(nil, true, true, "ca")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
}
|
|
|
|
func generate(domainNames []string, isCA bool, jsonOutput bool, fileOutput string) error {
|
|
commonName := "Xray Root CA"
|
|
organization := "Xray Inc"
|
|
|
|
expire := time.Hour * 3
|
|
|
|
var opts []Option
|
|
if isCA {
|
|
opts = append(opts, Authority(isCA))
|
|
opts = append(opts, KeyUsage(x509.KeyUsageCertSign|x509.KeyUsageKeyEncipherment|x509.KeyUsageDigitalSignature))
|
|
}
|
|
|
|
opts = append(opts, NotAfter(time.Now().Add(expire)))
|
|
opts = append(opts, CommonName(commonName))
|
|
if len(domainNames) > 0 {
|
|
opts = append(opts, DNSNames(domainNames...))
|
|
}
|
|
opts = append(opts, Organization(organization))
|
|
|
|
cert, err := Generate(nil, opts...)
|
|
if err != nil {
|
|
return newError("failed to generate TLS certificate").Base(err)
|
|
}
|
|
|
|
if jsonOutput {
|
|
printJSON(cert)
|
|
}
|
|
|
|
if len(fileOutput) > 0 {
|
|
if err := printFile(cert, fileOutput); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
type jsonCert struct {
|
|
Certificate []string `json:"certificate"`
|
|
Key []string `json:"key"`
|
|
}
|
|
|
|
func printJSON(certificate *Certificate) {
|
|
certPEM, keyPEM := certificate.ToPEM()
|
|
jCert := &jsonCert{
|
|
Certificate: strings.Split(strings.TrimSpace(string(certPEM)), "\n"),
|
|
Key: strings.Split(strings.TrimSpace(string(keyPEM)), "\n"),
|
|
}
|
|
content, err := json.MarshalIndent(jCert, "", " ")
|
|
common.Must(err)
|
|
os.Stdout.Write(content)
|
|
os.Stdout.WriteString("\n")
|
|
}
|
|
func printFile(certificate *Certificate, name string) error {
|
|
certPEM, keyPEM := certificate.ToPEM()
|
|
return task.Run(context.Background(), func() error {
|
|
return writeFile(certPEM, name+"_cert.pem")
|
|
}, func() error {
|
|
return writeFile(keyPEM, name+"_key.pem")
|
|
})
|
|
}
|
|
func writeFile(content []byte, name string) error {
|
|
f, err := os.Create(name)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer f.Close()
|
|
|
|
return common.Error2(f.Write(content))
|
|
}
|