package certificateutil
import (
"crypto/rand"
"crypto/sha1"
"crypto/x509"
"fmt"
"strings"
"time"
"github.com/bitrise-io/go-pkcs12"
)
// CertificateInfoModel is a flattened, display-friendly view of an X.509
// certificate, optionally paired with its private key.
//
// When built by NewCertificateInfo the string and time fields are copies of
// values taken from Certificate; nothing keeps them in sync if a caller later
// mutates either side.
type CertificateInfoModel struct {
	// CommonName is the certificate subject's CommonName.
	CommonName string
	// TeamName is the subject's Organization values joined with a space.
	TeamName string
	// TeamID is the subject's OrganizationalUnit values joined with a space.
	TeamID string
	// EndDate is the certificate's NotAfter.
	EndDate time.Time
	// StartDate is the certificate's NotBefore.
	StartDate time.Time
	// Serial is the certificate serial number rendered by big.Int's String.
	Serial string
	// SHA1Fingerprint is the lowercase hex SHA-1 digest of Certificate.Raw.
	// It is an identifier for lookups; SHA-1 is not collision resistant, so
	// it should not be the only input to a trust decision.
	SHA1Fingerprint string
	// Certificate is the source certificate, stored by value.
	Certificate x509.Certificate
	// PrivateKey is the key belonging to Certificate, or nil when the model
	// was created without one (as the Installed*CertificateInfos helpers do).
	// It is secret material: avoid logging or serialising the whole struct.
	PrivateKey interface{}
}
// String returns a one-line summary of the certificate: serial, common name,
// team name with team ID, and expiry date. When CheckValidity reports a
// problem, its message is appended as ", error: <message>".
//
// Only the listed descriptive fields are formatted; PrivateKey is never part
// of the output.
func (info CertificateInfoModel) String() string {
	summary := fmt.Sprintf(
		"Serial: %s, Name: %s, Team: %s, Expiry: %s",
		info.Serial,
		info.CommonName,
		fmt.Sprintf("%s (%s)", info.TeamName, info.TeamID),
		info.EndDate,
	)

	// Surface an expired or not-yet-valid certificate directly in the summary.
	if err := info.CheckValidity(); err != nil {
		summary += fmt.Sprintf(", error: %s", err)
	}
	return summary
}
// CheckValidity reports whether the current time lies strictly inside the
// certificate's validity window (NotBefore, NotAfter). It returns nil when it
// does, and a descriptive error otherwise.
//
// This is a date check only. It does not verify the signature, build or
// validate a chain, or consult revocation data, so a nil result must not be
// read as "the certificate is trusted". An instant exactly equal to NotBefore
// or NotAfter is treated as outside the window.
func CheckValidity(certificate x509.Certificate) error {
	now := time.Now()

	switch {
	case !now.After(certificate.NotBefore):
		return fmt.Errorf("Certificate is not yet valid - validity starts at: %s", certificate.NotBefore)
	case !now.Before(certificate.NotAfter):
		return fmt.Errorf("Certificate is not valid anymore - validity ended at: %s", certificate.NotAfter)
	default:
		return nil
	}
}
// CheckValidity runs the package-level CheckValidity on the wrapped
// certificate and returns its result unchanged.
//
// The decision is made from info.Certificate, not from the StartDate and
// EndDate fields, so editing those fields does not affect the outcome.
func (info CertificateInfoModel) CheckValidity() error {
	cert := info.Certificate
	return CheckValidity(cert)
}
// EncodeToP12 serialises the model's certificate and private key as a PKCS#12
// (.p12) bundle protected by passphrase, using crypto/rand as the randomness
// source. It returns whatever pkcs12.Encode returns.
//
// The result contains the private key, so treat the bytes and the passphrase
// as secrets.
//
// NOTE(review): PrivateKey is nil for models built without a key (for example
// by InstalledCodesigningCertificateInfos); how pkcs12.Encode reacts to a nil
// key or an empty passphrase is not visible in this file - confirm.
func (info CertificateInfoModel) EncodeToP12(passphrase string) ([]byte, error) {
	cert := &info.Certificate
	// The nil argument is presumably the list of additional (CA) certificates;
	// none are bundled here. Verify against the pkcs12 package.
	return pkcs12.Encode(rand.Reader, info.PrivateKey, cert, nil, passphrase)
}
// NewCertificateInfo builds a CertificateInfoModel from certificate and the
// optional privateKey (pass nil when no key is available).
//
// Subject values, the validity dates and the serial number are copied out of
// the certificate. The fingerprint is the lowercase hex SHA-1 digest of
// certificate.Raw, so it is only meaningful for a certificate whose Raw bytes
// are populated (for example one produced by parsing). SHA-1 serves here as an
// identifier; it is not collision resistant and should not be the only basis
// for a trust decision.
//
// No validation is performed: the certificate may be expired, and privateKey
// is not checked against the certificate's public key.
func NewCertificateInfo(certificate x509.Certificate, privateKey interface{}) CertificateInfoModel {
	digest := sha1.Sum(certificate.Raw)
	subject := certificate.Subject

	model := CertificateInfoModel{
		Certificate: certificate,
		PrivateKey:  privateKey,
	}
	model.CommonName = subject.CommonName
	// Multi-valued subject attributes are collapsed into one display string.
	model.TeamName = strings.Join(subject.Organization, " ")
	model.TeamID = strings.Join(subject.OrganizationalUnit, " ")
	model.StartDate = certificate.NotBefore
	model.EndDate = certificate.NotAfter
	model.Serial = certificate.SerialNumber.String()
	model.SHA1Fingerprint = fmt.Sprintf("%x", digest)
	return model
}
// InstalledCodesigningCertificateInfos returns one CertificateInfoModel for
// every non-nil certificate reported by InstalledCodesigningCertificates.
//
// The models carry no private key (PrivateKey is nil) and are not filtered by
// validity; callers that need only usable certificates should apply
// CheckValidity themselves. On success the slice is non-nil even when empty.
// An error from InstalledCodesigningCertificates is returned as is.
func InstalledCodesigningCertificateInfos() ([]CertificateInfoModel, error) {
	certs, err := InstalledCodesigningCertificates()
	if err != nil {
		return nil, err
	}

	result := []CertificateInfoModel{}
	for _, cert := range certs {
		if cert == nil {
			// Skip empty entries rather than dereferencing a nil pointer.
			continue
		}
		result = append(result, NewCertificateInfo(*cert, nil))
	}
	return result, nil
}
// InstalledInstallerCertificateInfos returns the certificates reported by
// InstalledMacAppStoreCertificates whose CommonName contains "Installer".
//
// Selection is a case-sensitive substring match on the subject CommonName
// only; no certificate extension or key usage is inspected here, so the name
// match should be treated as a convenience filter rather than proof of what
// the certificate is allowed to sign. The models carry no private key and are
// not filtered by validity. An error from InstalledMacAppStoreCertificates is
// returned as is.
func InstalledInstallerCertificateInfos() ([]CertificateInfoModel, error) {
	certs, err := InstalledMacAppStoreCertificates()
	if err != nil {
		return nil, err
	}

	candidates := []CertificateInfoModel{}
	for _, cert := range certs {
		if cert == nil {
			// Skip empty entries rather than dereferencing a nil pointer.
			continue
		}
		candidates = append(candidates, NewCertificateInfo(*cert, nil))
	}

	isInstaller := func(cert CertificateInfoModel) bool {
		return strings.Contains(cert.CommonName, "Installer")
	}
	return FilterCertificateInfoModelsByFilterFunc(candidates, isInstaller), nil
}