unhardcode the certificate serial number
This commit is contained in:
parent
6ddae21727
commit
8a7287d552
16
main.fnl
16
main.fnl
@ -6,6 +6,20 @@
|
||||
(local csr (require :openssl.x509.csr))
|
||||
(local x509 (require :openssl.x509))
|
||||
(local pkey (require :openssl.pkey))
|
||||
(local bignum (require :openssl.bignum))
|
||||
|
||||
(fn string->bignum [bytes]
|
||||
(bignum.new
|
||||
(string.format
|
||||
"0x%03x%03x%03x%03x%03x"
|
||||
(string.unpack "I4I4I4I4I4" bytes))))
|
||||
|
||||
(fn make-serial []
|
||||
;; 20 bytes, but luaossl expects it as a bignum
|
||||
(let [bytes (with-open [f (io.open "/dev/urandom" :r)]
|
||||
(f:read 20))]
|
||||
(string->bignum bytes)))
|
||||
|
||||
|
||||
(fn not-found [out]
|
||||
(doto (headers.new)
|
||||
@ -24,7 +38,7 @@
|
||||
(let [crt
|
||||
(doto (x509.new)
|
||||
(: :setVersion 2)
|
||||
(: :setSerial 42)
|
||||
(: :setSerial (make-serial))
|
||||
(: :setIssuer (ca-crt:getSubject))
|
||||
(: :setLifetime (os.time) (+ (* 365 86400) (os.time)))
|
||||
(: :setSubject (csr:getSubject))
|
||||
|
Loading…
Reference in New Issue
Block a user