@ -1,12 +1,12 @@
// Copyright 2009 The Go Authors. All rights reserved.
// Copyright 2009 The Go Authors. All rights reserved.
// Modifications Copyright 2015-201 8 Jeremy Rand. All rights reserved.
// Modifications Copyright 2015-201 9 Jeremy Rand. All rights reserved.
// Use of this source code is governed by a BSD-style
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// license that can be found in the LICENSE file.
// This code is modified from the stock CreateCertificate to use a
// This code is modified from the stock CreateCertificate to use a
// pre-existing signature.
// pre-existing signature.
// Last rebased on Go 1.1 0
// Last rebased on Go 1.1 2
// Remove all content between "import" and "CreateCertificate" in original.
// Remove all content between "import" and "CreateCertificate" in original.
// Remove all content after "CreateCertificate" in original.
// Remove all content after "CreateCertificate" in original.
//go:generate bash install.sh
//go:generate bash install.sh
@ -33,6 +33,8 @@ import (
//"encoding/pem"
//"encoding/pem"
"errors"
"errors"
//"fmt"
//"fmt"
//"internal/x/crypto/cryptobyte"
//cryptobyte_asn1 "internal/x/crypto/cryptobyte/asn1"
//"io"
//"io"
//"math/big"
//"math/big"
//"net"
//"net"
@ -41,17 +43,42 @@ import (
//"strings"
//"strings"
//"time"
//"time"
//"unicode/utf8"
//"unicode/utf8"
//
//"golang_org/x/crypto/cryptobyte"
//cryptobyte_asn1 "golang_org/x/crypto/cryptobyte/asn1"
)
)
// CreateCertificate creates a new X.509v3 certificate based on a template.
// CreateCertificate creates a new X.509v3 certificate based on a template.
// The following members of template are used: AuthorityKeyId,
// The following members of template are used:
// BasicConstraintsValid, DNSNames, ExcludedDNSDomains, ExtKeyUsage,
//
// IsCA, KeyUsage, MaxPathLen, MaxPathLenZero, NotAfter, NotBefore,
// - AuthorityKeyId
// PermittedDNSDomains, PermittedDNSDomainsCritical, SerialNumber,
// - BasicConstraintsValid
// SignatureAlgorithm, Subject, SubjectKeyId, and UnknownExtKeyUsage.
// - CRLDistributionPoints
// - DNSNames
// - EmailAddresses
// - ExcludedDNSDomains
// - ExcludedEmailAddresses
// - ExcludedIPRanges
// - ExcludedURIDomains
// - ExtKeyUsage
// - ExtraExtensions
// - IsCA
// - IssuingCertificateURL
// - KeyUsage
// - MaxPathLen
// - MaxPathLenZero
// - NotAfter
// - NotBefore
// - OCSPServer
// - PermittedDNSDomains
// - PermittedDNSDomainsCritical
// - PermittedEmailAddresses
// - PermittedIPRanges
// - PermittedURIDomains
// - PolicyIdentifiers
// - SerialNumber
// - SignatureAlgorithm
// - Subject
// - SubjectKeyId
// - URIs
// - UnknownExtKeyUsage
//
//
// The certificate is signed by parent. If parent is equal to template then the
// The certificate is signed by parent. If parent is equal to template then the
// certificate is self-signed. The parameter pub is the public key of the
// certificate is self-signed. The parameter pub is the public key of the