cert.go
package cert_helper
import (
"crypto/x509"
"encoding/pem"
"log"
"strings"
"github.com/geektheripper/alicdn-ssl-keeper/utils"
)
// Certificate bundles a certificate, its private key and the bookkeeping
// fields this package uses to name and track it.
//
// The struct carries private key material, so values of this type should be
// kept out of logs, error messages and %v/%+v formatting.
type Certificate struct {
	// CommonName is the name used by MatchDomain and CasName. A leading "*."
	// is treated as a wildcard by both.
	CommonName string

	// CasCertificateId is assigned through SetCasCertificateId.
	// NOTE(review): presumably the certificate's ID in the remote CAS
	// service; this file does not show where it comes from.
	CasCertificateId int64

	// PrivateKey is the private key for Certificate.
	// NOTE(review): encoding is not visible in this file (presumably PEM);
	// confirm against the code that fills it in. Treat as a secret.
	PrivateKey []byte

	// Certificate is the PEM-encoded certificate. X509Certificate decodes
	// only the first PEM block in it.
	Certificate []byte

	// IssuerCertificate is not read anywhere in this file.
	// NOTE(review): presumably the issuing CA certificate; confirm encoding.
	IssuerCertificate []byte

	// Updated is not read anywhere in this file; its meaning is defined by
	// the callers that set it.
	Updated bool

	// casName caches the value returned by CasName (or set by SetCasName).
	casName string

	// x509Cert caches the parsed form of Certificate; see X509Certificate.
	x509Cert *x509.Certificate
}
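// X509Certificate returns the parsed form of c.Certificate, parsing it on the
// first call and returning the cached value afterwards.
//
// Only the first PEM block in c.Certificate is decoded, so the leaf
// certificate must come first. The certificate is parsed, not verified: no
// chain building, expiry or hostname checks happen here.
//
// Any decode or parse failure ends the process through log.Fatalf, which is
// how this method has always reported a bad certificate.
func (c *Certificate) X509Certificate() *x509.Certificate {
	if c.x509Cert != nil {
		return c.x509Cert
	}

	block, _ := pem.Decode(c.Certificate)
	// pem.Decode returns a nil block when the input holds no PEM data (empty
	// or non-PEM input). Dereferencing it would panic with a nil pointer, so
	// report it the same way as a parse failure.
	if block == nil {
		log.Fatalf("parse cert failed for %s: no PEM data found", c.CommonName)
	}

	x509Cert, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		log.Fatalf("parse cert failed for %s: %v", c.CommonName, err)
	}

	c.x509Cert = x509Cert
	return c.x509Cert
}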
// SetCasName overrides the name returned by CasName. Passing an empty string
// clears the override, so the next CasName call derives the name again.
func (c *Certificate) SetCasName(name string) {
	c.casName = name
}
// SetCasCertificateId stores id in the CasCertificateId field.
func (c *Certificate) SetCasCertificateId(id int64) {
	c.CasCertificateId = id
}
// CasName returns the name under which this certificate is stored, deriving
// and caching it on first use unless SetCasName already supplied one.
//
// The derived name has the form
//
//	sslkeeper-<common name>-<NotAfter as YYYYMMDD><ShortMd5 of the PEM>
//
// where the common name has its first "*." removed and every "." replaced by
// "_". There is no separator between the date and the digest part.
//
// Deriving the name calls X509Certificate, which ends the process if the
// certificate cannot be parsed.
func (c *Certificate) CasName() string {
	if c.casName != "" {
		return c.casName
	}

	// Strip the wildcard marker, then make the name dot-free.
	host := strings.Replace(c.CommonName, "*.", "", 1)
	host = strings.ReplaceAll(host, ".", "_")

	expiry := c.X509Certificate().NotAfter.Format("20060102")

	// NOTE(review): utils.ShortMd5 is defined outside this file; presumably a
	// truncated MD5 hex digest. It is used here only to tell certificates
	// with the same name and expiry apart, not as an integrity check.
	digest := utils.ShortMd5(string(c.Certificate))

	c.casName = "sslkeeper-" + host + "-" + expiry + digest
	return c.casName
}
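// MatchDomain reports whether domain is covered by the certificate's
// CommonName: either an exact match, or, when CommonName starts with "*.",
// a match of exactly one non-empty label in place of the "*".
//
// Only CommonName is consulted; subject alternative names in the certificate
// are not checked here. The comparison is case-sensitive, so callers should
// pass names in the same case as CommonName.
func (c *Certificate) MatchDomain(domain string) bool {
	if domain == c.CommonName {
		return true
	}
	if !strings.HasPrefix(c.CommonName, "*.") {
		return false
	}

	// For "*.example.com" the suffix is ".example.com".
	suffix := c.CommonName[1:]

	// The wildcard must stand for a non-empty label: without the length
	// check a malformed name such as ".example.com" would be accepted.
	if len(domain) <= len(suffix) || !strings.HasSuffix(domain, suffix) {
		return false
	}

	// Equal dot counts keep the wildcard to a single label, so
	// "a.b.example.com" does not match "*.example.com".
	return strings.Count(domain, ".") == strings.Count(c.CommonName, ".")
}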