//go:build dev
package acme
import (
"crypto/x509"
_ "embed"
"encoding/pem"
"log"
"github.com/caddyserver/certmagic"
"github.com/phishingclub/phishingclub/config"
"github.com/phishingclub/phishingclub/errs"
"go.uber.org/zap"
"gorm.io/gorm"
)
// DEV_ACME_URL is the ACME directory URL used by this dev-only file (it is
// compiled only under the `dev` build tag). The host name suggests a local
// Pebble test CA - NOTE(review): confirm against the dev environment setup.
const DEV_ACME_URL = "https://pebble:14000/dir"

// acmeRootCertPemBlock holds the bytes of pebble.minica.pem, embedded at build
// time. It is decoded into the root certificate that SetupCertMagic places in
// the TrustedRoots pool of the dev ACME issuer.
//go:embed pebble.minica.pem
var acmeRootCertPemBlock []byte
// loadDevelopmentPebbleCertificate decodes the embedded pebble.minica.pem and
// parses its first PEM block as an X.509 certificate.
//
// NOTE(review): both failure paths call log.Fatal, which terminates the
// process, so the error result is always nil and a caller's error check never
// fires. Returning the error instead would let the caller decide how to fail.
// Only the first PEM block is used; its type is not checked and any trailing
// data is ignored.
func loadDevelopmentPebbleCertificate() (*x509.Certificate, error) {
	block, _ := pem.Decode(acmeRootCertPemBlock)
	if block == nil {
		// No PEM block found in the embedded file: abort the process.
		log.Fatal("Failed to parse the certificate PEM.")
	}

	rootCert, parseErr := x509.ParseCertificate(block.Bytes)
	if parseErr != nil {
		// The DER payload is not a valid certificate: abort the process.
		log.Fatal(parseErr)
	}

	return rootCert, nil
}
// SetupCertMagic creates the certmagic config for dev builds.
//
// It replaces the package-level certmagic.DefaultACME with an issuer that
// points at DEV_ACME_URL and whose TrustedRoots pool contains only the
// embedded development root certificate, then delegates to setupCertMagic.
// The check of which domains are allowed from the db is not visible in this
// function; presumably setupCertMagic performs it - verify there.
//
// Returns the config and cache produced by setupCertMagic, or a wrapped error
// if the development root certificate could not be loaded.
func SetupCertMagic(
	certStoragePath string,
	conf *config.Config,
	db *gorm.DB,
	logger *zap.SugaredLogger,
) (*certmagic.Config, *certmagic.Cache, error) {
	devRoot, loadErr := loadDevelopmentPebbleCertificate()
	if loadErr != nil {
		return nil, nil, errs.Wrap(loadErr)
	}

	// A fresh pool (not the system pool), so the embedded root is the only
	// trust anchor handed to the issuer.
	trustedRoots := x509.NewCertPool()
	trustedRoots.AddCert(devRoot)

	// This overwrites process-wide state: every later user of
	// certmagic.DefaultACME sees the dev endpoint. Agreed is set to true, so
	// the CA's terms are accepted without prompting.
	certmagic.DefaultACME = certmagic.ACMEIssuer{
		CA:           DEV_ACME_URL,
		TestCA:       DEV_ACME_URL,
		Agreed:       true,
		TrustedRoots: trustedRoots,
	}

	return setupCertMagic(certStoragePath, conf, db, logger)
}