-
Notifications
You must be signed in to change notification settings - Fork 6
/
make_csr_cbor.go
86 lines (72 loc) · 1.68 KB
/
make_csr_cbor.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
//go:build never
// +build never
// This program reads a user CSR key (generated with openssl,
// currently):
//
// openssl ecparam -name prime256v1 -genkey -out USER.key
// openssl req -new -key USER.key -out USER.csr \
// -subj "/O=Orgname/CN=396c7a48-a1a6-4682-ba36-70d13f3b8902"
//
// The CN of the subject of the key should be the unique identifier
// for the device being simulated.
//
// This program reads that file, and outputs a cbor csr request
// appropriate to give the server.
//
// This request can be given to the server (assuming port 1443) with
//
// wget --ca-certificate=SERVER.crt \
// --post-file USER.cbor \
// https://localhost:1443/api/v1/cr
package main
import (
"encoding/pem"
"flag"
"fmt"
"io/ioutil"
"os"
"github.com/fxamacker/cbor/v2"
"github.com/Linaro/lite_bootstrap_server/protocol"
)
var (
inFile = flag.String("in", "USER.csr", "Name of input csr file")
outFile = flag.String("out", "USER.cbor", "Name of output cbor")
)
func main() {
flag.Parse()
err := run()
if err != nil {
fmt.Printf("Failure: %v\n", err)
os.Exit(1)
}
}
func run() error {
inp, err := os.Open(*inFile)
if err != nil {
return err
}
defer inp.Close()
raw, err := ioutil.ReadAll(inp)
if err != nil {
return err
}
pem, rest := pem.Decode(raw)
if len(rest) != 0 {
return fmt.Errorf("Invalid PEM input. Expecting one block")
}
if pem.Type != "CERTIFICATE REQUEST" {
return fmt.Errorf("Expecting BEGIN CERTIFICATE REQUEST")
}
req := protocol.CSRRequest{
CSR: pem.Bytes,
}
encoded, err := cbor.Marshal(&req)
if err != nil {
return nil
}
err = ioutil.WriteFile(*outFile, encoded, 0644)
if err != nil {
return err
}
return nil
}