th5/generate_cert.go
Rob Pike feb7be32ae log: new interface
New logging interface simplifies and generalizes.

1) Loggers now have only one output.
2) log.Stdout, Stderr, Crash and friends are gone.
	Logging is now always to standard error by default.
3) log.Panic* replaces log.Crash*.
4) Exiting and panicking are not part of the logger's state; instead
	the functions Exit* and Panic* simply call Exit or panic after
	printing.
5) There is now one 'standard logger'.  Instead of calling Stderr,
	use Print etc.  There are now triples, by analogy with fmt:
		Print, Println, Printf
	What was log.Stderr is now best represented by log.Println,
	since there are now separate Print and Println functions
	(and methods).
6) New functions SetOutput, SetFlags, and SetPrefix allow global
	editing of the standard logger's properties.   This is new
	functionality. For instance, one can call
		log.SetFlags(log.Lshortfile|log.Ltime|log.Lmicroseconds)
	to get all logging output to show file name, line number, and
	time stamp.

In short, for most purposes
	log.Stderr -> log.Println or log.Print
	log.Stderrf -> log.Printf
	log.Crash -> log.Panicln or log.Panic
	log.Crashf -> log.Panicf
	log.Exit -> log.Exitln or log.Exit
	log.Exitf -> log.Exitf (no change)

This has a slight breakage: since loggers now write only to one
output, existing calls to log.New() need to delete the second argument.
Also, custom loggers with exit or panic properties will need to be
reworked.

All package code updated to new interface.

The test has been reworked somewhat.

The old interface will be removed after the new release.
For now, its elements are marked 'deprecated' in their comments.

Fixes #1184.

R=rsc
CC=golang-dev
https://golang.org/cl/2419042
2010-10-12 12:59:18 -07:00

76 lines
1.9 KiB
Go

// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// Generate a self-signed X.509 certificate for a TLS server. Outputs to
// 'cert.pem' and 'key.pem' and will overwrite existing files.
package main
import (
"crypto/rsa"
"crypto/x509"
"encoding/pem"
"flag"
"log"
"os"
"time"
)
var hostName *string = flag.String("host", "127.0.0.1", "Hostname to generate a certificate for")
func main() {
flag.Parse()
urandom, err := os.Open("/dev/urandom", os.O_RDONLY, 0)
if err != nil {
log.Exitf("failed to open /dev/urandom: %s", err)
return
}
priv, err := rsa.GenerateKey(urandom, 1024)
if err != nil {
log.Exitf("failed to generate private key: %s", err)
return
}
now := time.Seconds()
template := x509.Certificate{
SerialNumber: []byte{0},
Subject: x509.Name{
CommonName: *hostName,
Organization: "Acme Co",
},
NotBefore: time.SecondsToUTC(now - 300),
NotAfter: time.SecondsToUTC(now + 60*60*24*365), // valid for 1 year.
SubjectKeyId: []byte{1, 2, 3, 4},
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
}
derBytes, err := x509.CreateCertificate(urandom, &template, &template, &priv.PublicKey, priv)
if err != nil {
log.Exitf("Failed to create certificate: %s", err)
return
}
certOut, err := os.Open("cert.pem", os.O_WRONLY|os.O_CREAT, 0644)
if err != nil {
log.Exitf("failed to open cert.pem for writing: %s", err)
return
}
pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
certOut.Close()
log.Print("written cert.pem\n")
keyOut, err := os.Open("key.pem", os.O_WRONLY|os.O_CREAT, 0600)
if err != nil {
log.Print("failed to open key.pem for writing:", err)
return
}
pem.Encode(keyOut, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)})
keyOut.Close()
log.Print("written key.pem\n")
}