Skip to content

Commit d40965d

Browse files
cmagliecmaglie
committed
Better use of go-paths library
1 parent 82cab46 commit d40965d

File tree

1 file changed

+27
-31
lines changed

1 file changed

+27
-31
lines changed

certificates.go

Lines changed: 27 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,6 @@ import (
1616
"crypto/x509/pkix"
1717
"encoding/pem"
1818
"fmt"
19-
"io/ioutil"
2019
"math/big"
2120
"net"
2221
"os"
@@ -134,20 +133,20 @@ func generateSingleCertificate(isCa bool) (*x509.Certificate, error) {
134133
return &template, nil
135134
}
136135

137-
func generateCertificates(path *paths.Path) {
138-
path.Join("ca.cert.pem").Remove()
139-
path.Join("ca.key.pem").Remove()
140-
path.Join("cert.pem").Remove()
141-
path.Join("key.pem").Remove()
136+
func generateCertificates(certsDir *paths.Path) {
137+
certsDir.Join("ca.cert.pem").Remove()
138+
certsDir.Join("ca.key.pem").Remove()
139+
certsDir.Join("cert.pem").Remove()
140+
certsDir.Join("key.pem").Remove()
142141

143142
// Create the key for the certification authority
144143
caKey, err := generateKey("P256")
145144
if err != nil {
146145
log.Error(err.Error())
147146
os.Exit(1)
148147
}
149-
keyOutPath := path.Join("ca.key.pem").String()
150-
keyOut, err := os.OpenFile(keyOutPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
148+
keyOutPath := certsDir.Join("ca.key.pem").String()
149+
keyOut, err := os.OpenFile(keyOutPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600) // Save key with user-only permission 0600
151150
if err != nil {
152151
log.Error(err.Error())
153152
os.Exit(1)
@@ -158,27 +157,26 @@ func generateCertificates(path *paths.Path) {
158157

159158
// Create the certification authority
160159
caTemplate, err := generateSingleCertificate(true)
161-
162160
if err != nil {
163161
log.Error(err.Error())
164162
os.Exit(1)
165163
}
166164

167165
derBytes, _ := x509.CreateCertificate(rand.Reader, caTemplate, caTemplate, publicKey(caKey), caKey)
168166

169-
certOutPath := path.Join("ca.cert.pem").String()
170-
certOut, err := os.Create(certOutPath)
167+
caCertOutPath := certsDir.Join("ca.cert.pem")
168+
caCertOut, err := caCertOutPath.Create()
171169
if err != nil {
172170
log.Error(err.Error())
173171
os.Exit(1)
174172
}
175-
pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
176-
certOut.Close()
177-
log.Printf("written %s", certOutPath)
173+
pem.Encode(caCertOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
174+
caCertOut.Close()
175+
log.Printf("written %s", caCertOutPath)
178176

179-
filePath := path.Join("ca.cert.cer").String()
180-
ioutil.WriteFile(filePath, derBytes, 0644)
181-
log.Printf("written %s", filePath)
177+
caCertPath := certsDir.Join("ca.cert.cer")
178+
caCertPath.WriteFile(derBytes)
179+
log.Printf("written %s", caCertPath)
182180

183181
// Create the key for the final certificate
184182
key, err := generateKey("P256")
@@ -187,8 +185,8 @@ func generateCertificates(path *paths.Path) {
187185
os.Exit(1)
188186
}
189187

190-
keyOutPath = path.Join("key.pem").String()
191-
keyOut, err = os.OpenFile(keyOutPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
188+
keyOutPath = certsDir.Join("key.pem").String()
189+
keyOut, err = os.OpenFile(keyOutPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600) // Save key with user-only permission 0600
192190
if err != nil {
193191
log.Error(err.Error())
194192
os.Exit(1)
@@ -199,28 +197,26 @@ func generateCertificates(path *paths.Path) {
199197

200198
// Create the final certificate
201199
template, err := generateSingleCertificate(false)
202-
203200
if err != nil {
204201
log.Error(err.Error())
205202
os.Exit(1)
206203
}
207204

208205
derBytes, _ = x509.CreateCertificate(rand.Reader, template, caTemplate, publicKey(key), caKey)
209206

210-
certOutPath = path.Join("cert.pem").String()
211-
certOut, err = os.Create(certOutPath)
207+
certOutPath := certsDir.Join("cert.pem").String()
208+
certOut, err := os.Create(certOutPath)
212209
if err != nil {
213210
log.Error(err.Error())
214211
os.Exit(1)
215212
}
216213
pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
217-
certOut.Close()
218-
log.Printf("written %s", certOutPath)
214+
caCertOut.Close()
215+
log.Printf("written %s", caCertOutPath)
219216

220-
certPath := path.Join("cert.cer").String()
221-
ioutil.WriteFile(certPath, derBytes, 0644)
217+
certPath := certsDir.Join("cert.cer")
218+
certPath.WriteFile(derBytes)
222219
log.Printf("written %s", certPath)
223-
224220
}
225221

226222
func certHandler(c *gin.Context) {
@@ -239,10 +235,10 @@ func deleteCertHandler(c *gin.Context) {
239235
}
240236

241237
// DeleteCertificates will delete the certificates
242-
func DeleteCertificates(path *paths.Path) {
243-
path.Join("ca.cert.pem").Remove()
244-
path.Join("ca.cert.cer").Remove()
245-
path.Join("ca.key.pem").Remove()
238+
func DeleteCertificates(certDir *paths.Path) {
239+
certDir.Join("ca.cert.pem").Remove()
240+
certDir.Join("ca.cert.cer").Remove()
241+
certDir.Join("ca.key.pem").Remove()
246242
}
247243

248244
const noFirefoxTemplateHTML = `<!DOCTYPE html>

0 commit comments

Comments
 (0)