-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
added suggestions by Ben to capture more details for cert requester, …
…added entire cert in case needed in future
- Loading branch information
Showing
3 changed files
with
13 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,14 +1,17 @@ | ||
| package main | ||
|
|
||
| import ( | ||
| "bufio" | ||
| "crypto/ecdsa" | ||
| "crypto/elliptic" | ||
| "crypto/rsa" | ||
| "crypto/x509" | ||
| "encoding/asn1" | ||
| "fmt" | ||
| "log" | ||
| "net" | ||
| "net/url" | ||
| "os" | ||
| "time" | ||
|
|
||
| "github.com/aws/aws-sdk-go/aws" | ||
|
|
@@ -21,6 +24,7 @@ import ( | |
| var dyndb *dynamodb.DynamoDB | ||
|
|
||
| type x509Record struct { | ||
| Requester string | ||
| SerialNumber string | ||
| Issuer string | ||
| Subject string | ||
|
|
@@ -33,6 +37,7 @@ type x509Record struct { | |
| IPAddresses []net.IP | ||
| URIs []*url.URL | ||
| PubKey []byte | ||
| DerCert []byte | ||
| } | ||
|
|
||
| func addDbRecord(crtBytes []byte) error { | ||
|
|
@@ -54,7 +59,12 @@ func addDbRecord(crtBytes []byte) error { | |
| default: | ||
| return errors.New("only ECDSA and RSA public keys are supported") | ||
| } | ||
| reader := bufio.NewReader(os.Stdin) | ||
| fmt.Print("Enter Requester in the format of \"Joe Blogs <[email protected]>\" -> ") | ||
| requester, _ := reader.ReadString('\n') // E: requester declared and not used // E: requester declared and not used | ||
| // marshal the crt to a pem byte array | ||
| record := x509Record{ | ||
| Requester: requester, | ||
| SerialNumber: crt.SerialNumber.String(), // serial number should be unique (as in cryptographically) so we can use this as the key | ||
| Issuer: crt.Issuer.String(), | ||
| Subject: crt.Subject.String(), | ||
|
|
@@ -67,6 +77,7 @@ func addDbRecord(crtBytes []byte) error { | |
| IPAddresses: crt.IPAddresses, | ||
| URIs: crt.URIs, | ||
| PubKey: pubBytes, | ||
| DerCert: crtBytes, | ||
| } | ||
|
|
||
| // we should be running under the role given to us by the sts tokens. | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters