From 08a23f637943d92c6898cd196f170456cecd6b60 Mon Sep 17 00:00:00 2001 From: Chris Marslender Date: Thu, 12 Sep 2024 12:07:48 -0500 Subject: [PATCH] Make GenerateNewCA not write a file. call WriteCertAndKey after if it needs to be written --- pkg/tls/tls.go | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/pkg/tls/tls.go b/pkg/tls/tls.go index 030635c..722f0ea 100644 --- a/pkg/tls/tls.go +++ b/pkg/tls/tls.go @@ -77,10 +77,14 @@ func GenerateAllCerts(outDir string, privateCACert *x509.Certificate, privateCAK if privateCACert == nil && privateCAKey == nil { // If privateCACert and privateCAKey are both nil, we will generate a new one - privateCACertBytes, privateCAKeyBytes, err := GenerateNewCA(path.Join(outDir, "ca", "private_ca")) + privateCACertDER, privateCAKey, err := GenerateNewCA() if err != nil { return fmt.Errorf("error creating private ca pair: %w", err) } + privateCACertBytes, privateCAKeyBytes, err := WriteCertAndKey(privateCACertDER, privateCAKey, path.Join(outDir, "ca", "private_ca")) + if err != nil { + return fmt.Errorf("error writing private ca: %w", err) + } privateCACert, err = ParsePemCertificate(privateCACertBytes) if err != nil { return fmt.Errorf("error parsing generated private_ca.crt: %w", err) @@ -222,7 +226,7 @@ func WriteCertAndKey(certDER []byte, certKey *rsa.PrivateKey, certKeyBase string } // GenerateNewCA generates a new CA -func GenerateNewCA(certKeyBase string) ([]byte, []byte, error) { +func GenerateNewCA() ([]byte, *rsa.PrivateKey, error) { // Generate a new RSA private key privateKey, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { @@ -256,7 +260,7 @@ func GenerateNewCA(certKeyBase string) ([]byte, []byte, error) { return nil, nil, err } - return WriteCertAndKey(certDER, privateKey, certKeyBase) + return certDER, privateKey, nil } // GenerateCASignedCert generates a new key/cert signed by the given CA