Refactor each command in its own file
This commit is contained in:
Pim van Pelt
98
tesseract/genconf/roots.go
Normal file
98
tesseract/genconf/roots.go
Normal file
@@ -0,0 +1,98 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"encoding/pem"
|
||||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
"os"
|
||||
"strings"
|
||||
)
|
||||
|
||||
type CTLogRootsResponse struct {
|
||||
Certificates []string `json:"certificates"`
|
||||
}
|
||||
|
||||
func generateRoots(args []string) {
|
||||
sourceURL := "https://rennet2027h2.log.ct.ipng.ch/"
|
||||
outputFile := "roots.pem"
|
||||
|
||||
// Parse command line arguments
|
||||
for i := 0; i < len(args); i++ {
|
||||
switch args[i] {
|
||||
case "--source":
|
||||
if i+1 >= len(args) {
|
||||
log.Fatal("--source flag requires a URL argument")
|
||||
}
|
||||
sourceURL = args[i+1]
|
||||
i++ // Skip the next argument since we used it
|
||||
case "--output":
|
||||
if i+1 >= len(args) {
|
||||
log.Fatal("--output flag requires a filename argument")
|
||||
}
|
||||
outputFile = args[i+1]
|
||||
i++ // Skip the next argument since we used it
|
||||
default:
|
||||
log.Fatalf("Unknown argument: %s", args[i])
|
||||
}
|
||||
}
|
||||
|
||||
// Ensure source URL ends with /
|
||||
if !strings.HasSuffix(sourceURL, "/") {
|
||||
sourceURL += "/"
|
||||
}
|
||||
|
||||
// Construct the get-roots URL
|
||||
getRootsURL := sourceURL + "ct/v1/get-roots"
|
||||
|
||||
// Fetch roots from CT log
|
||||
fmt.Printf("Fetching roots from: %s\n", getRootsURL)
|
||||
resp, err := http.Get(getRootsURL)
|
||||
if err != nil {
|
||||
log.Fatalf("Failed to fetch roots: %v", err)
|
||||
}
|
||||
defer resp.Body.Close()
|
||||
|
||||
if resp.StatusCode != http.StatusOK {
|
||||
log.Fatalf("HTTP request failed with status: %d", resp.StatusCode)
|
||||
}
|
||||
|
||||
// Parse JSON response
|
||||
var rootsResp CTLogRootsResponse
|
||||
err = json.NewDecoder(resp.Body).Decode(&rootsResp)
|
||||
if err != nil {
|
||||
log.Fatalf("Failed to parse JSON response: %v", err)
|
||||
}
|
||||
|
||||
// Create output file
|
||||
outFile, err := os.Create(outputFile)
|
||||
if err != nil {
|
||||
log.Fatalf("Failed to create output file %s: %v", outputFile, err)
|
||||
}
|
||||
defer outFile.Close()
|
||||
|
||||
// Write each certificate as PEM
|
||||
for _, certBase64 := range rootsResp.Certificates {
|
||||
// Decode base64 certificate
|
||||
certBytes, err := base64.StdEncoding.DecodeString(certBase64)
|
||||
if err != nil {
|
||||
log.Fatalf("Failed to decode certificate: %v", err)
|
||||
}
|
||||
|
||||
// Create PEM block
|
||||
pemBlock := &pem.Block{
|
||||
Type: "CERTIFICATE",
|
||||
Bytes: certBytes,
|
||||
}
|
||||
|
||||
// Write PEM to file
|
||||
err = pem.Encode(outFile, pemBlock)
|
||||
if err != nil {
|
||||
log.Fatalf("Failed to write PEM certificate: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
fmt.Printf("Successfully wrote %d certificates to %s\n", len(rootsResp.Certificates), outputFile)
|
||||
}
|
||||
Reference in New Issue
Block a user