Add function to return a public key from an x509 certificate #261
| @@ -292,3 +292,18 @@ func ParseCertAndKey(certPEM, keyPEM string) (*x509.Certificate, *rsa.PrivateKey | ||
| } | ||
| return cert, key, nil | ||
| } | ||
| + | ||
| +// Generate public key from keyPEM string |
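Review bot: the doc comment on the added line calls the input a keyPEM string, while the PR title says the function returns a public key from an x509 certificate. Describe the argument as the certificate PEM so callers do not pass private key material by mistake, and say "extracts" rather than "generates", since no key is created here.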
perrito666
Jan 18, 2017
Contributor
the expected form for go doc is:
// ComputePublicKey generates public key from keyPEM string
| + if err != nil { | ||
| + return "", err | ||
| + } | ||
| + pubKey := cert.PublicKey.(interface {}) |
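Review bot: the assertion in `pubKey := cert.PublicKey.(interface {})` always succeeds and checks nothing, so it gives no protection against an unexpected key type. Pass cert.PublicKey directly, or, if only RSA certificates are meant to be accepted, assert to *rsa.PublicKey with the two-value form and return an error on mismatch.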
Pekkari
Jan 18, 2017
That gets the public key as it's stored inside the certificate, and using the type that x509.MarshalPKIXPublicKey
expects in the input.
perrito666
Jan 18, 2017
Contributor
interface{} means that is a blank interface, absolutely anything will match this, you don't need a typecast, just pass whatever cert.PublicKey is and it will work.
| + return "", err | ||
| + } | ||
| + pubKey := cert.PublicKey.(interface {}) | ||
| + marshalledPubKey, _ := x509.MarshalPKIXPublicKey(pubKey) |
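Review bot: `marshalledPubKey, _ := x509.MarshalPKIXPublicKey(pubKey)` discards the error, so a certificate whose key type cannot be marshalled yields nil bytes and the function carries on as if it had a key. Since the function already returns (string, error), check the error and `return "", err` as the lines above do.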
perrito666
Jan 18, 2017
Contributor
what is the other ret value of MarshalPKIXPublicKey and why is it being ignored?
Pekkari
Jan 18, 2017
it is an error as usual, I didn't want to go so fine grained with several checks step after step, but if you need it, I certainly can add it.
| @@ -219,6 +219,13 @@ func (certSuite) TestNewClientCertRSASize(c *gc.C) { | ||
| } | ||
| } | ||
| +func (certSuite) TestComputePublicKey(c *gc.C) { | ||
| + computedPublicKey, err := cert.ComputePublicKey(caCertPEM) | ||
| + if err == nil { |
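Review bot: TestComputePublicKey only exercises the valid caCertPEM input, and the `if err == nil {` guard lets the test pass silently when that call fails. Assert the error unconditionally, compare computedPublicKey against a known value, and add a case with a malformed PEM string that expects a non-nil error and an empty result.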
perrito666
Jan 18, 2017
Contributor
actually you want to c.Assert(err, gc.ErrorIsNil), if err is not nil this should fail too.
Pekkari
commented
Jan 18, 2017
I'm heading to add another commit to this, as soon as I get some test case written, so don't be in a hurry to merge it.
Pekkari
referenced this pull request
in juju/juju
Jan 18, 2017
Closed
Initialize default x509 certificate and allow https host strings. #6831
| + for file, content := range map[string]string{ "/juju-cert.pem": pem, "/juju-cert.key": key, | ||
| + "/juju-cert.pub": public } { | ||
| + if _, err := os.Stat(location + file); os.IsNotExist(err) { | ||
| + err := ioutil.WriteFile(location + file, []byte(content), 0600) |
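Review bot: in the `os.Stat(location + file)` check, any Stat error other than not-exist (permission denied, for instance) is treated as if the file were present, so the loop skips the write without reporting anything. Handle that case explicitly and return the error; the inner `err :=` also shadows the Stat error, and the path is better built with filepath.Join(location, file) than by string concatenation.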
axw
Jan 19, 2017
Member
please use utils.AtomicWriteFile, otherwise the Stat/WriteFile pattern will be prone to half-written files
mjs
changed the title from
Add a funtion to return a public key from an x509 certificate.
to
Add function to return a public key from an x509 certificate.
Apr 6, 2017
mjs
changed the title from
Add function to return a public key from an x509 certificate.
to
Add function to return a public key from an x509 certificate
Apr 6, 2017
@Pekkari: where are things at with this?
Pekkari
commented
Apr 6, 2017
Well, the juju pull request got stalled forever, if juju team doesn't like the idea of Thanks! José.
Seeing as there's no pressing need for this any more, I'm going to close it. We can resurrect it if needed.
Pekkari commented Jan 18, 2017
The public key will be ready to be written in a config file. This is valuable to
generate a certificate during the initial configuration of juju client that will
become a default certificate in case of trying to use lxd https remotes.
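
The extraction discussed in this review with every step checked, as an added Go example that is not the PR's code. The name `publicKeyPEM`, the PEM `PUBLIC KEY` output format and the self-signed Ed25519 sample certificate are assumptions made for illustration.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// publicKeyPEM (hypothetical name) extracts a certificate's public key as PEM, checking every step.
func publicKeyPEM(certPEM string) (string, error) {
	block, _ := pem.Decode([]byte(certPEM))
	if block == nil || block.Type != "CERTIFICATE" {
		return "", fmt.Errorf("input is not a PEM-encoded certificate")
	}
	cert, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		return "", fmt.Errorf("parsing certificate: %w", err)
	}
	der, err := x509.MarshalPKIXPublicKey(cert.PublicKey)
	if err != nil {
		return "", fmt.Errorf("marshalling public key: %w", err)
	}
	return string(pem.EncodeToMemory(&pem.Block{Type: "PUBLIC KEY", Bytes: der})), nil
}

// sampleCertPEM builds a throwaway self-signed certificate (constructed input).
func sampleCertPEM() (string, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return "", err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return "", err
	}
	return string(pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})), nil
}

func main() {
	certPEM, err := sampleCertPEM()
	if err != nil {
		panic(err)
	}
	fmt.Println(publicKeyPEM(certPEM))
}
```

Input that is not a certificate, including a PEM block of another type, returns an empty string and an error rather than an empty key.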