daanselen/runesmith
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
301b2cf38f8b9099730f15d208bb193398eacac2
runesmith/main.go
DaanSelen b04a918fdb
Some checks failed
Cross-Compile Binaries / compile-linux (push) Successful in 3m6s
Details
Cross-Compile Binaries / compile-windows (push) Has been cancelled
Details
chore: small fallback addition
2026-01-06 16:13:21 +01:00

379 lines
10 KiB
Go
Raw Blame History

package main
import (
"crypto/x509"
"encoding/pem"
"image/color"
"log"
"os"
"path/filepath"
certpair "pkcs-generator/modules/certpairs"
"slices"
"fyne.io/fyne/v2"
"fyne.io/fyne/v2/app"
"fyne.io/fyne/v2/canvas"
"fyne.io/fyne/v2/container"
"fyne.io/fyne/v2/dialog"
"fyne.io/fyne/v2/layout"
"fyne.io/fyne/v2/storage"
"fyne.io/fyne/v2/theme"
"fyne.io/fyne/v2/widget"
)
var (
windowSize fyne.Size = fyne.NewSize(700, 600)
keyTextFilter []string = []string{".key", ".txt", ".pem"}
crtTextFilter []string = []string{".crt", ".cer", ".txt", ".pem"}
)
func main() {
a := app.NewWithID("nl.systemec.pkcs-generator")
a.Settings().SetTheme(theme.DefaultTheme())
w := a.NewWindow("PKCS-Generator")
w.Resize(windowSize)
var keyPath, certPath, caIssuer string
var writePassDown, overwritePassDown bool
// Needs to be rendered early!
// Certificate Intermediate selector
// Basic in form but can easily be expanded.
var caChoices = []string{"Sectigo Public Server Authentication CA DV R36", "Sectigo RSA Domain Validation Secure Server CA"}
var sectigo2025 bool
caRadio := widget.NewRadioGroup(caChoices, func(selected string) {
switch selected {
case "Sectigo Public Server Authentication CA DV R36":
log.Println("Sectigo Public Server Authentication CA DV R36")
sectigo2025 = true
case "Sectigo RSA Domain Validation Secure Server CA":
log.Println("Sectigo RSA Domain Validation Secure Server CA")
sectigo2025 = false
default: //Fallback
sectigo2025 = true
}
})
// Labels to show selected filenames
fileLabel1 := widget.NewLabel("No file selected")
fileLabel2 := widget.NewLabel("No file selected")
radioLabel1 := widget.NewLabel("If needed you can override the selection.\nOtherwise let the application decide.")
// Certificate Keyfile
keyBtn := widget.NewButton("Upload Private Key File", func() {
keyDiag := dialog.NewFileOpen(func(r fyne.URIReadCloser, err error) {
defer r.Close()
if r != nil {
fileLabel1.SetText(r.URI().Name())
keyPath = r.URI().Path()
}
}, w)
keyFilter := storage.NewExtensionFileFilter(keyTextFilter)
keyDiag.SetFilter(keyFilter)
keyDiag.Resize(windowSize)
keyDiag.Show()
})
keyWide := container.NewGridWrap(
fyne.NewSize(400, 50),
keyBtn,
)
// Issuer entry
issuerText := widget.NewLabel("Certificate issuer will appear here...")
issuerText.Selectable = true
// Certificate file
certBtn := widget.NewButton("Upload Certificate File", func() {
// Use NewFileOpen to get the dialog object
certDiag := dialog.NewFileOpen(func(r fyne.URIReadCloser, err error) {
defer r.Close()
if r != nil {
fileLabel2.SetText(r.URI().Name())
certPath = r.URI().Path()
certData := readFile(certPath)
certObj := parseX509(certData)
caIssuer = certObj.Issuer.CommonName
log.Println("Issuer:", caIssuer)
issuerText.SetText(caIssuer)
if slices.Contains(caChoices, caIssuer) {
caRadio.SetSelected(caIssuer)
}
}
}, w)
certFilter := storage.NewExtensionFileFilter(crtTextFilter)
certDiag.SetFilter(certFilter)
// Resize the dialog
certDiag.Resize(windowSize)
certDiag.Show()
})
certWide := container.NewGridWrap(
fyne.NewSize(400, 50),
certBtn,
)
// Render the overwrite checkfox first since I need its variable/object to disable/enable in the next checkbox (which is visually above this one)
overwriteCheckBox := widget.NewCheck("Overwrite possible existing 'pkcs_password' file", func(checked bool) {
if checked {
log.Println("Checked box: overwrite if file exists.")
overwritePassDown = true
} else {
log.Println("Unchecked box: not overwriting if file exists.")
overwritePassDown = false
}
})
// Disable the checkbox by default since its reliant on the writeCheckBox
overwriteCheckBox.Disable()
writeCheckBox := widget.NewCheck("Save password to file", func(checked bool) {
if checked {
log.Println("Checked box: saving to file.")
writePassDown = true
overwriteCheckBox.Enable()
} else {
log.Println("Unchecked box: not saving to file")
writePassDown = false
overwriteCheckBox.Disable()
}
})
// Status label, where pfx pass will appear
statusText := widget.NewLabel("Status will appear here...")
statusText.Selectable = true
actionBtn := widget.NewButton("Generate", func() {
files := []string{keyPath, certPath}
// The following structure is basic but can easily be expanded to fit more pairs
// 0 = ROOT
// 1 = CA
// As per spec in the certpair module.
var certPair []string
if sectigo2025 {
certPair = certpair.SectigoNewChain
} else {
certPair = certpair.SectigoOldChain
}
// Check if one of the filepaths is empty
allPresent := true
if slices.Contains(files, "") {
allPresent = false
}
// Check if all needed file/data is present
if !allPresent {
statusText.SetText("One or more files missing!")
log.Println("One or more files missing!")
return
}
// Generate the PKCS file with the given data
pfxPass, pfxData := integrityCheckAndGo(keyPath, certPath, certPair[1], certPair[0])
// Check if the data returned is OK
if len(pfxData) == 0 || pfxData == nil {
log.Println("Something went wrong while creating the PKCS file...")
statusText.SetText("Something went wrong while creating the PKCS file...")
}
// Most important dialog next, saving the PKCS somewhere
// We also need to declare some variables because otherwise theyd become out of scope
var desiredPath string
var defaultName string = "certificate_store.pfx"
svDialog := dialog.NewFileSave(
func(writer fyne.URIWriteCloser, err error) {
defer writer.Close()
desiredPath = writer.URI().Path()
desiredParentPath := filepath.Dir(desiredPath)
if err != nil {
dialog.ShowError(err, w)
}
if writer == nil {
// User cancelled
}
_, err = writer.Write(pfxData)
if err != nil {
dialog.ShowError(err, w)
}
var dnText string = "PKCS file saved to: " + desiredPath + "\nThe password for the generated pkcs file is:\n\n" + pfxPass
// Write down the PKCS password on the filesystem
if writePassDown {
wholePath := desiredParentPath + "/pkcs_password"
var alreadyExists bool
if _, err := os.Stat(wholePath); err == nil {
alreadyExists = true
} else if os.IsNotExist(err) {
alreadyExists = false
} else { // Failsafe if something unforeseen happens
alreadyExists = true
}
if alreadyExists && !overwritePassDown {
log.Println("File already exists and overwrite checkbox is unchecked.")
dnText += "\n\nCAREFUL! PKCS password was NOT written down. File exists! NOT OVERWRITING!"
} else {
log.Println("Writing PKCS password to: " + wholePath)
err := os.WriteFile(wholePath, []byte(pfxPass), 0644)
if err != nil {
log.Println("Error writing file:", err)
}
}
}
statusText.SetText(dnText)
}, w)
svDialog.Resize(windowSize)
svDialog.SetFileName(defaultName)
svDialog.SetFilter(storage.NewExtensionFileFilter([]string{".pfx"}))
svDialog.Show()
})
actionWide := container.NewGridWrap(
fyne.NewSize(200, 50),
actionBtn,
)
cancelBtn := widget.NewButton("Exit", func() {
log.Println("Quitting...")
a.Quit()
})
exitWide := container.NewGridWrap(
fyne.NewSize(200, 50),
cancelBtn,
)
// CREATE LAYOUTS
bottom := container.NewHBox(
actionWide, // left
layout.NewSpacer(), // flexible space
exitWide, // right
)
centerContent := container.NewVBox(
container.New(layout.NewGridLayout(2), keyWide, fileLabel1),
container.New(layout.NewGridLayout(2), certWide, fileLabel2),
widget.NewLabel(""),
issuerText,
canvas.NewLine(color.Gray{Y: 128}),
widget.NewLabel(""),
container.New(layout.NewGridLayout(2), radioLabel1, caRadio),
layout.NewSpacer(), // optional flexible space
writeCheckBox,
overwriteCheckBox,
canvas.NewLine(color.Gray{Y: 128}),
statusText, // Add the referenced text container
widget.NewLabel(""), // Add empty line for space
)
content := container.NewBorder(
widget.NewLabel("Select relevant files."), // top
bottom, // bottom
nil, nil, // left, right
centerContent,
)
w.SetContent(content)
w.ShowAndRun()
}
func readFile(path string) []byte {
rawData, err := os.ReadFile(path)
if err != nil {
log.Printf("Error reading contents of %s, %e", path, err)
return nil
} else {
return rawData
}
}
func parsePrivateKey(keyData []byte) any {
block, _ := pem.Decode(keyData)
if block == nil {
log.Fatal("failed to decode key PEM")
}
privateKey, err := x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
log.Fatal(err)
}
return privateKey
}
func parseX509(certData []byte) *x509.Certificate {
block, _ := pem.Decode(certData)
if block == nil {
log.Fatal("failed to parse PEM block")
}
cert, err := x509.ParseCertificate(block.Bytes)
if err != nil {
log.Fatal(err)
}
return cert
}
func integrityCheckAndGo(keyPath, certPath, caRootString, caCertString string) (string, []byte) {
if _, err := os.Stat(keyPath); err != nil {
log.Printf("Error checking Private Keyfile, %e", err)
return "Error...", nil
}
if _, err := os.Stat(certPath); err != nil {
log.Printf("Error checking Certificate file, %e", err)
return "Error...", nil
}
keyData := readFile(keyPath) // Read the private key file (PEM/DER)
certData := readFile(certPath) // Read the certificate file (PEM/DER)
log.Println("Loading key")
key := parsePrivateKey(keyData) // Convert bytes to Go private key object
log.Println("Loading certificate")
cert := parseX509(certData) // Convert bytes to Go x509.Certificate
log.Println("Loading CA certificate")
caCert := parseX509([]byte(caCertString))
log.Println("Loading ROOT certificate")
rootCert := parseX509([]byte(caRootString))
checkPublicKey(cert) // Print the information about the key
if checkCertKeyPair(cert.PublicKey, key) {
log.Println("Private key matches certificate")
} else {
return "Private key does NOT match certificate", nil
}
caCertList := []*x509.Certificate{caCert, rootCert}
pfxPass, pfxData, err := generatePKCS12(key, cert, caCertList)
if err != nil {
return "", nil
}
return pfxPass, pfxData
}
Reference in New Issue View Git Blame Copy Permalink