(name string, ous []string, pub crypto.PublicKey)
| 374 | } |
| 375 | |
| 376 | func (ca *CA) issueSignCertificate(name string, ous []string, pub crypto.PublicKey) ([]byte, *x509.Certificate) { |
| 377 | var err error |
| 378 | |
| 379 | template := x509Template() |
| 380 | template.KeyUsage = x509.KeyUsageDigitalSignature |
| 381 | template.ExtKeyUsage = nil |
| 382 | template.Subject = pkix.Name{ |
| 383 | CommonName: name, |
| 384 | Organization: ca.cert.Subject.Organization, |
| 385 | OrganizationalUnit: ous, |
| 386 | } |
| 387 | template.SubjectKeyId, err = computeSKI(pub) |
| 388 | Expect(err).NotTo(HaveOccurred()) |
| 389 | |
| 390 | certBytes, err := x509.CreateCertificate(rand.Reader, &template, ca.cert, pub, ca.signer) |
| 391 | Expect(err).NotTo(HaveOccurred()) |
| 392 | cert, err := x509.ParseCertificate(certBytes) |
| 393 | Expect(err).NotTo(HaveOccurred()) |
| 394 | return certBytes, cert |
| 395 | } |
| 396 | |
| 397 | func (ca *CA) issueTLSCertificate(name string, sans []string, pub crypto.PublicKey) ([]byte, *x509.Certificate) { |
| 398 | var err error |
no test coverage detected