Skip to content

Instantly share code, notes, and snippets.

@tom-code
Last active April 20, 2019 14:37
Show Gist options
  • Select an option

  • Save tom-code/d16450b0137b2b15d2213127630e9230 to your computer and use it in GitHub Desktop.

Select an option

Save tom-code/d16450b0137b2b15d2213127630e9230 to your computer and use it in GitHub Desktop.
generate stir/shaken csr ATIS-1000080
package main
import (
"encoding/asn1"
"crypto/elliptic"
"crypto/ecdsa"
"crypto/rand"
"crypto/x509"
"crypto/x509/pkix"
"encoding/pem"
"os"
)
func encodeTNAuthList(spc string) []byte {
str, _ := asn1.Marshal(asn1.RawValue {
Class: 0,
IsCompound: false,
Tag: asn1.TagIA5String,
Bytes: []byte(spc),
})
av := asn1.RawValue {
Class: 2,
IsCompound: true,
Tag: 0,
Bytes: str,
}
avo, _ := asn1.Marshal(av)
a0 := asn1.RawValue {
Class: 0,
IsCompound: true,
Tag: asn1.TagSequence,
Bytes: avo,
}
by, _ := asn1.Marshal(a0)
return by
}
func main() {
ecKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
template := x509.CertificateRequest{
Subject: pkix.Name {
Country: []string {"US"},
Province: []string {"VA"},
Locality: []string {"la"},
Organization: []string {"telecom ltd"},
OrganizationalUnit: []string {"VOIP"},
},
SignatureAlgorithm: x509.ECDSAWithSHA256,
ExtraExtensions: []pkix.Extension{
pkix.Extension{
Id:[]int{1,3,6,1,5,5,7,1,26},
Value:encodeTNAuthList("1234"),
},
},
}
csrBytes, err := x509.CreateCertificateRequest(rand.Reader, &template, ecKey)
if err != nil {
panic(err)
}
pem.Encode(os.Stdout, &pem.Block{Type: "CERTIFICATE REQUEST", Bytes: csrBytes})
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment