dan/certifix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

unhardcode the certificate serial number

Browse Source
This commit is contained in:
Daniel Barlow 2024-09-25 12:00:40 +01:00
parent 6ddae21727
commit 8a7287d552
1 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
main.fnl
View File

@ -6,6 +6,20 @@
(local csr (require :openssl.x509.csr)) (local csr (require :openssl.x509.csr))
(local x509 (require :openssl.x509)) (local x509 (require :openssl.x509))
(local pkey (require :openssl.pkey)) (local pkey (require :openssl.pkey))
(local bignum (require :openssl.bignum))
(fn string->bignum [bytes]
(bignum.new
(string.format
"0x%03x%03x%03x%03x%03x"
(string.unpack "I4I4I4I4I4" bytes))))
(fn make-serial []
;; 20 bytes, but luaossl expects it as a bignum
(let [bytes (with-open [f (io.open "/dev/urandom" :r)]
(f:read 20))]
(string->bignum bytes)))
(fn not-found [out] (fn not-found [out]
(doto (headers.new) (doto (headers.new)
@ -24,7 +38,7 @@
(let [crt (let [crt
(doto (x509.new) (doto (x509.new)
(: :setVersion 2) (: :setVersion 2)
(: :setSerial 42) (: :setSerial (make-serial))
(: :setIssuer (ca-crt:getSubject)) (: :setIssuer (ca-crt:getSubject))
(: :setLifetime (os.time) (+ (* 365 86400) (os.time))) (: :setLifetime (os.time) (+ (* 365 86400) (os.time)))
(: :setSubject (csr:getSubject)) (: :setSubject (csr:getSubject))