mirror of
https://github.com/wneessen/go-mail.git
synced 2024-11-25 23:15:08 +01:00
feat: add parent certificates
This commit is contained in:
parent
7f7bf80e39
commit
c45aec89e9
1 changed files with 19 additions and 5 deletions
16
smime.go
16
smime.go
|
@ -16,6 +16,9 @@ var (
|
||||||
// ErrInvalidKeyPair should be used if key pair is invalid
|
// ErrInvalidKeyPair should be used if key pair is invalid
|
||||||
ErrInvalidKeyPair = errors.New("invalid key pair")
|
ErrInvalidKeyPair = errors.New("invalid key pair")
|
||||||
|
|
||||||
|
// ErrInvalidParentCertificates should be used if one of the parent certificates is invalid
|
||||||
|
ErrInvalidParentCertificates = errors.New("invalid parent certificates")
|
||||||
|
|
||||||
// ErrCouldNotInitialize should be used if the signed data could not initialize
|
// ErrCouldNotInitialize should be used if the signed data could not initialize
|
||||||
ErrCouldNotInitialize = errors.New("could not initialize signed data")
|
ErrCouldNotInitialize = errors.New("could not initialize signed data")
|
||||||
|
|
||||||
|
@ -32,6 +35,7 @@ var (
|
||||||
// SMime is used to sign messages with S/MIME
|
// SMime is used to sign messages with S/MIME
|
||||||
type SMime struct {
|
type SMime struct {
|
||||||
privateKey *rsa.PrivateKey
|
privateKey *rsa.PrivateKey
|
||||||
|
parentCertificates []*x509.Certificate
|
||||||
certificate *x509.Certificate
|
certificate *x509.Certificate
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -41,9 +45,19 @@ func newSMime(keyPair *tls.Certificate) (*SMime, error) {
|
||||||
return nil, ErrInvalidKeyPair
|
return nil, ErrInvalidKeyPair
|
||||||
}
|
}
|
||||||
|
|
||||||
|
parentCertificates := make([]*x509.Certificate, 0)
|
||||||
|
for _, cert := range keyPair.Certificate[1:] {
|
||||||
|
c, err := x509.ParseCertificate(cert)
|
||||||
|
if err != nil {
|
||||||
|
return nil, ErrInvalidParentCertificates
|
||||||
|
}
|
||||||
|
parentCertificates = append(parentCertificates, c)
|
||||||
|
}
|
||||||
|
|
||||||
return &SMime{
|
return &SMime{
|
||||||
privateKey: keyPair.PrivateKey.(*rsa.PrivateKey),
|
privateKey: keyPair.PrivateKey.(*rsa.PrivateKey),
|
||||||
certificate: keyPair.Leaf,
|
certificate: keyPair.Leaf,
|
||||||
|
parentCertificates: parentCertificates,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -58,7 +72,7 @@ func (sm *SMime) signMessage(message string) (*string, error) {
|
||||||
return nil, ErrCouldNotInitialize
|
return nil, ErrCouldNotInitialize
|
||||||
}
|
}
|
||||||
|
|
||||||
if err = signedData.AddSigner(sm.certificate, sm.privateKey, pkcs7.SignerInfoConfig{}); err != nil {
|
if err = signedData.AddSignerChain(sm.certificate, sm.privateKey, sm.parentCertificates, pkcs7.SignerInfoConfig{}); err != nil {
|
||||||
return nil, ErrCouldNotAddSigner
|
return nil, ErrCouldNotAddSigner
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue