( usage []x509.ExtKeyUsage, caPrivateKey *rsa.PrivateKey, caCertificate *x509.Certificate, )
| 270 | } |
| 271 | |
| 272 | func createSignedCert( |
| 273 | usage []x509.ExtKeyUsage, |
| 274 | caPrivateKey *rsa.PrivateKey, |
| 275 | caCertificate *x509.Certificate, |
| 276 | ) ([]byte, []byte, error) { |
| 277 | cert := &x509.Certificate{ |
| 278 | SerialNumber: big.NewInt(1658), |
| 279 | Subject: pkix.Name{ |
| 280 | Organization: []string{"ACME, Inc"}, |
| 281 | Country: []string{"US"}, |
| 282 | }, |
| 283 | IPAddresses: []net.IP{net.IPv4(127, 0, 0, 1)}, |
| 284 | NotBefore: time.Now(), |
| 285 | NotAfter: time.Now().AddDate(0, 0, 1), |
| 286 | SubjectKeyId: []byte{1}, |
| 287 | ExtKeyUsage: usage, |
| 288 | KeyUsage: x509.KeyUsageDigitalSignature, |
| 289 | } |
| 290 | certPrivKey, err := rsa.GenerateKey(rand.Reader, 4096) |
| 291 | if err != nil { |
| 292 | return nil, nil, err |
| 293 | } |
| 294 | certBytes, err := x509.CreateCertificate( |
| 295 | rand.Reader, |
| 296 | cert, |
| 297 | caCertificate, |
| 298 | &certPrivKey.PublicKey, |
| 299 | caPrivateKey, |
| 300 | ) |
| 301 | if err != nil { |
| 302 | return nil, nil, err |
| 303 | } |
| 304 | certPrivKeyPEM := new(bytes.Buffer) |
| 305 | if err := pem.Encode(certPrivKeyPEM, &pem.Block{ |
| 306 | Type: "RSA PRIVATE KEY", |
| 307 | Bytes: x509.MarshalPKCS1PrivateKey(certPrivKey), |
| 308 | }); err != nil { |
| 309 | return nil, nil, err |
| 310 | } |
| 311 | certPEM := new(bytes.Buffer) |
| 312 | if err := pem.Encode(certPEM, |
| 313 | &pem.Block{Type: "CERTIFICATE", Bytes: certBytes}, |
| 314 | ); err != nil { |
| 315 | return nil, nil, err |
| 316 | } |
| 317 | return certPrivKeyPEM.Bytes(), certPEM.Bytes(), nil |
| 318 | } |
| 319 | |
| 320 | func runRequest( |
| 321 | clientConfig config.HTTPClientConfiguration, |
no test coverage detected