
修正变量名拼写并优化默认密钥用法选择

将 `keyUseage` 和 `extKeyUseage` 修正为 `keyUsage` 和 `extKeyUsage`,并优化了不同证书类型下的默认密钥用法选择逻辑。同时,增加了对 `ExtKeyUsageAny` 的支持。
SongZihuan 4 týždňov pred
rodič
commit
e5b4d579d9

+ 27 - 27
src/mainfunc/myca/mycav1/action.go

@@ -66,13 +66,13 @@ func CreateRCA() {
 	notBefore := time.Now()
 	notAfter := notBefore.Add(validity)
 
-	keyUseage, err := ReadKeyUsage("rca")
+	keyUsage, err := ReadKeyUsage("rca")
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
 	}
 
-	extKeyUseage, err := ReadExtKeyUsage()
+	extKeyUsage, err := ReadExtKeyUsage()
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
@@ -191,7 +191,7 @@ func CreateRCA() {
 		return
 	}
 
-	caCert, key, rcaInfo, err := rootca.CreateRCA(infoPath, cryptoType, keyLength, subject, keyUseage, extKeyUseage, maxPathLen, ocspURLs, issurURLs, crlURLs, notBefore, notAfter)
+	caCert, key, rcaInfo, err := rootca.CreateRCA(infoPath, cryptoType, keyLength, subject, keyUsage, extKeyUsage, maxPathLen, ocspURLs, issurURLs, crlURLs, notBefore, notAfter)
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
@@ -280,13 +280,13 @@ func CreateICAFromRCA() {
 	notBefore := time.Now()
 	notAfter := notBefore.Add(validity)
 
-	keyUseage, err := ReadKeyUsage("ica")
+	keyUsage, err := ReadKeyUsage("ica")
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
 	}
 
-	extKeyUseage, err := ReadExtKeyUsage()
+	extKeyUsage, err := ReadExtKeyUsage()
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
@@ -418,7 +418,7 @@ func CreateICAFromRCA() {
 		return
 	}
 
-	caCert, key, icaInfo, err := ica.CreateICA(infoPath, rcaInfo, cryptoType, keyLength, subject, keyUseage, extKeyUseage, maxPathLen, selfOcspURLs, selfIssurURLs, crlURLs, notBefore, notAfter, rcaCert, rcaKey)
+	caCert, key, icaInfo, err := ica.CreateICA(infoPath, rcaInfo, cryptoType, keyLength, subject, keyUsage, extKeyUsage, maxPathLen, selfOcspURLs, selfIssurURLs, crlURLs, notBefore, notAfter, rcaCert, rcaKey)
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
@@ -507,13 +507,13 @@ func CreateICAFromICA() {
 	notBefore := time.Now()
 	notAfter := notBefore.Add(validity)
 
-	keyUseage, err := ReadKeyUsage("ica")
+	keyUsage, err := ReadKeyUsage("ica")
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
 	}
 
-	extKeyUseage, err := ReadExtKeyUsage()
+	extKeyUsage, err := ReadExtKeyUsage()
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
@@ -645,7 +645,7 @@ func CreateICAFromICA() {
 		return
 	}
 
-	caCert, key, newIcaInfo, err := ica.CreateICA(infoPath, icaInfo, cryptoType, keyLength, subject, keyUseage, extKeyUseage, maxPathLen, ocspURLs, issurURLs, crlURLs, notBefore, notAfter, icaCert, icaKey)
+	caCert, key, newIcaInfo, err := ica.CreateICA(infoPath, icaInfo, cryptoType, keyLength, subject, keyUsage, extKeyUsage, maxPathLen, ocspURLs, issurURLs, crlURLs, notBefore, notAfter, icaCert, icaKey)
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
@@ -734,13 +734,13 @@ func CreateUserCertFromRCA() {
 	notBefore := time.Now()
 	notAfter := notBefore.Add(validity)
 
-	keyUseage, err := ReadKeyUsage("cert")
+	keyUsage, err := ReadKeyUsage("auto_cert")
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
 	}
 
-	extKeyUseage, err := ReadExtKeyUsage()
+	extKeyUsage, err := ReadExtKeyUsage()
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
@@ -780,13 +780,13 @@ func CreateUserCertFromRCA() {
 	emails, err := ReadMoreStringWithPolicy("Enter your email", func(s string) (string, error) {
 		email, err := mail.ParseAddress(s)
 		if err != nil {
-			return "", NewWarning(fmt.Sprintf("not a valid email (%s)", err.Error()))
+			return "", NewWarningF("not a valid email (%s)", err.Error())
 		} else if !utils.IsValidEmail(email.Address) {
 			return "", NewWarning("not a valid email (%s)")
 		} else if checkEmail {
 			if !utils.CheckEmailMX(email) {
 				if !StillAddEmail {
-					return "", NewWarning(fmt.Sprintf("email (%s) check failed\n", s))
+					return "", NewWarningF("email (%s) check failed\n", s)
 				}
 			}
 		}
@@ -823,7 +823,7 @@ func CreateUserCertFromRCA() {
 
 		ipsN, err := utils.ResolveDomainToIPs(s)
 		if err != nil {
-			return NewWarning(fmt.Sprintf("domain resolve error (%s)\n", err.Error()))
+			return NewWarningF("domain resolve error (%s)\n", err.Error())
 		} else if ipsN == nil {
 			return NewWarning("domain without ip")
 		}
@@ -898,7 +898,7 @@ func CreateUserCertFromRCA() {
 		return
 	}
 
-	userCert, key, certInfo, err := cert.CreateCert(infoPath, rcaInfo, cryptoType, keyLength, subject, keyUseage, extKeyUseage, domains, ips, emails, urls, notBefore, notAfter, rcaCert, rcaKey)
+	userCert, key, certInfo, err := cert.CreateCert(infoPath, rcaInfo, cryptoType, keyLength, subject, keyUsage, extKeyUsage, domains, ips, emails, urls, notBefore, notAfter, rcaCert, rcaKey)
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
@@ -987,13 +987,13 @@ func CreateUserCertFromICA() {
 	notBefore := time.Now()
 	notAfter := notBefore.Add(validity)
 
-	keyUseage, err := ReadKeyUsage("cert")
+	keyUsage, err := ReadKeyUsage("auto_cert")
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
 	}
 
-	extKeyUseage, err := ReadExtKeyUsage()
+	extKeyUsage, err := ReadExtKeyUsage()
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
@@ -1033,13 +1033,13 @@ func CreateUserCertFromICA() {
 	emails, err := ReadMoreStringWithPolicy("Enter your email", func(s string) (string, error) {
 		email, err := mail.ParseAddress(s)
 		if err != nil {
-			return "", NewWarning(fmt.Sprintf("not a valid email (%s)", err.Error()))
+			return "", NewWarningF("not a valid email (%s)", err.Error())
 		} else if !utils.IsValidEmail(email.Address) {
 			return "", NewWarning("not a valid email (%s)")
 		} else if checkEmail {
 			if !utils.CheckEmailMX(email) {
 				if !StillAddEmail {
-					return "", NewWarning(fmt.Sprintf("email (%s) check failed\n", s))
+					return "", NewWarningF("email (%s) check failed\n", s)
 				}
 			}
 		}
@@ -1076,7 +1076,7 @@ func CreateUserCertFromICA() {
 
 		ipsN, err := utils.ResolveDomainToIPs(s)
 		if err != nil {
-			return NewWarning(fmt.Sprintf("domain resolve error (%s)\n", err.Error()))
+			return NewWarningF("domain resolve error (%s)\n", err.Error())
 		} else if ipsN == nil {
 			return NewWarning("domain without ip")
 		}
@@ -1151,7 +1151,7 @@ func CreateUserCertFromICA() {
 		return
 	}
 
-	userCert, key, certInfo, err := cert.CreateCert(infoPath, icaInfo, cryptoType, keyLength, subject, keyUseage, extKeyUseage, domains, ips, emails, urls, notBefore, notAfter, icaCert, icaKey)
+	userCert, key, certInfo, err := cert.CreateCert(infoPath, icaInfo, cryptoType, keyLength, subject, keyUsage, extKeyUsage, domains, ips, emails, urls, notBefore, notAfter, icaCert, icaKey)
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
@@ -1234,13 +1234,13 @@ func CreateUserCertSelf() {
 	notBefore := time.Now()
 	notAfter := notBefore.Add(validity)
 
-	keyUseage, err := ReadKeyUsage("cert")
+	keyUsage, err := ReadKeyUsage("auto_cert")
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
 	}
 
-	extKeyUseage, err := ReadExtKeyUsage()
+	extKeyUsage, err := ReadExtKeyUsage()
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
@@ -1280,13 +1280,13 @@ func CreateUserCertSelf() {
 	emails, err := ReadMoreStringWithPolicy("Enter your email", func(s string) (string, error) {
 		email, err := mail.ParseAddress(s)
 		if err != nil {
-			return "", NewWarning(fmt.Sprintf("not a valid email (%s)", err.Error()))
+			return "", NewWarningF("not a valid email (%s)", err.Error())
 		} else if !utils.IsValidEmail(email.Address) {
 			return "", NewWarning("not a valid email (%s)")
 		} else if checkEmail {
 			if !utils.CheckEmailMX(email) {
 				if !StillAddEmail {
-					return "", NewWarning(fmt.Sprintf("email (%s) check failed\n", s))
+					return "", NewWarningF("email (%s) check failed\n", s)
 				}
 			}
 		}
@@ -1323,7 +1323,7 @@ func CreateUserCertSelf() {
 
 		ipsN, err := utils.ResolveDomainToIPs(s)
 		if err != nil {
-			return NewWarning(fmt.Sprintf("domain resolve error (%s)\n", err.Error()))
+			return NewWarningF("domain resolve error (%s)\n", err.Error())
 		} else if ipsN == nil {
 			return NewWarning("domain without ip")
 		}
@@ -1458,7 +1458,7 @@ func CreateUserCertSelf() {
 		return
 	}
 
-	userCert, key, certInfo, err := cert.CreateSelfCert(infoPath, cryptoType, keyLength, subject, keyUseage, extKeyUseage, domains, ips, emails, urls, ocspURLs, issurURLs, crlURLs, notBefore, notAfter)
+	userCert, key, certInfo, err := cert.CreateSelfCert(infoPath, cryptoType, keyLength, subject, keyUsage, extKeyUsage, domains, ips, emails, urls, ocspURLs, issurURLs, crlURLs, notBefore, notAfter)
 	if err != nil {
 		fmt.Printf("Error: %s\n", err.Error())
 		return
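Review bot: The context line `return "", NewWarning("not a valid email (%s)")` in the email policy callback of the hunk at -780 keeps a `%s` placeholder with no argument, so the user sees a literal `(%s)` instead of the rejected address; since the neighbouring returns were moved to `NewWarningF`, this one should follow: `return "", NewWarningF("not a valid email (%s)", email.Address)`. The same line appears in the parallel hunks of CreateUserCertFromICA (-1033) and CreateUserCertSelf (-1280). The new `NewWarningF` calls also mix a trailing `\n` (`"email (%s) check failed\n"`) with none (`"not a valid email (%s)"`); settling on one form keeps the prompt output consistent. The enclosing callbacks and functions extend beyond the hunks.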

+ 75 - 25
src/mainfunc/myca/mycav1/read.go

@@ -136,7 +136,7 @@ func ReadSubject() (*global.CertSubject, error) {
 		return nil, err
 	}
 
-	_o := ReadMoreString("Enter the organization or company name")
+	_o := ReadMoreString("Enter the Organization or Company name")
 	if len(_o) != 0 {
 		err = res.Set("O", _o)
 		if err != nil {
@@ -392,33 +392,84 @@ func ReadKeyUsage(certType string) (x509.KeyUsage, error) {
 	var addRecord = make(map[x509.KeyUsage]bool, len(KeyUsageList))
 
 	fmt.Printf("Now we should setting the key usage.")
+
 	switch strings.ToLower(certType) {
 	case "ica":
 		fallthrough
 	case "rca":
-		fmt.Printf("The KeyUsageCertSign and KeyUsageCRLSign must be choose.")
-		res |= x509.KeyUsageCertSign
-		res |= x509.KeyUsageCRLSign
-
-		addRecord[x509.KeyUsageCertSign] = true
-		addRecord[x509.KeyUsageCRLSign] = true
+		fmt.Printf("Do you want to add the default key usage (KeyUsageCertSign and KeyUsageCRLSign) ?")
 	case "new_cert":
-		fmt.Printf("The KeyUsageDigitalSignature must be choose.")
-		res |= x509.KeyUsageDigitalSignature
-
-		addRecord[x509.KeyUsageDigitalSignature] = true
+		fmt.Printf("Do you want to add the default key usage (KeyUsageDigitalSignature) ?")
 	case "old_cert":
-		fmt.Printf("The KeyUsageKeyEncipherment must be choose.")
-		res |= x509.KeyUsageKeyEncipherment
-
-		addRecord[x509.KeyUsageKeyEncipherment] = true
+		fmt.Printf("Do you want to add the default key usage (KeyUsageKeyEncipherment) ?")
+	case "auto_cert":
+		fmt.Printf("Do you want to add the default key usage (KeyUsageDigitalSignature or KeyUsageKeyEncipherment) ?")
 	case "cert":
-		fmt.Printf("The KeyUsageDigitalSignature and KeyUsageKeyEncipherment must be choose.")
-		res |= x509.KeyUsageDigitalSignature
-		res |= x509.KeyUsageKeyEncipherment
+		fmt.Printf("Do you want to add the default key usage (KeyUsageDigitalSignature and KeyUsageKeyEncipherment) ?")
+	}
 
-		addRecord[x509.KeyUsageDigitalSignature] = true
-		addRecord[x509.KeyUsageKeyEncipherment] = true
+	if ReadBoolDefaultYesPrint() {
+		switch strings.ToLower(certType) {
+		case "ica":
+			fallthrough
+		case "rca":
+			fmt.Println("The KeyUsageCertSign and KeyUsageCRLSign be choose.")
+			res |= x509.KeyUsageCertSign
+			res |= x509.KeyUsageCRLSign
+
+			addRecord[x509.KeyUsageCertSign] = true
+			addRecord[x509.KeyUsageCRLSign] = true
+		case "new_cert":
+			fmt.Println("The KeyUsageDigitalSignature be choose.")
+			res |= x509.KeyUsageDigitalSignature
+
+			addRecord[x509.KeyUsageDigitalSignature] = true
+		case "old_cert":
+			fmt.Println("The KeyUsageKeyEncipherment must be choose.")
+			res |= x509.KeyUsageKeyEncipherment
+
+			addRecord[x509.KeyUsageKeyEncipherment] = true
+		case "auto_cert":
+			fmt.Printf("What kind of certificate do you want to generate? Newer (with key exchange) / Older (with key encryption) / Both? [default=both/newer/older]: ")
+			switch strings.ToLower(ReadString()) {
+			case "n":
+				fallthrough
+			case "new":
+				fallthrough
+			case "newer":
+				fmt.Println("The KeyUsageDigitalSignature be choose.")
+				res |= x509.KeyUsageDigitalSignature
+
+				addRecord[x509.KeyUsageDigitalSignature] = true
+			case "o":
+				fallthrough
+			case "old":
+				fallthrough
+			case "older":
+				fmt.Println("The KeyUsageKeyEncipherment be choose.")
+				res |= x509.KeyUsageKeyEncipherment
+
+				addRecord[x509.KeyUsageKeyEncipherment] = true
+			case "b":
+				fallthrough
+			case "both":
+				fallthrough
+			default:
+				fmt.Println("The KeyUsageDigitalSignature and KeyUsageKeyEncipherment be choose.")
+				res |= x509.KeyUsageDigitalSignature
+				res |= x509.KeyUsageKeyEncipherment
+
+				addRecord[x509.KeyUsageDigitalSignature] = true
+				addRecord[x509.KeyUsageKeyEncipherment] = true
+			}
+		case "cert":
+			fmt.Println("The KeyUsageDigitalSignature and KeyUsageKeyEncipherment be choose.")
+			res |= x509.KeyUsageDigitalSignature
+			res |= x509.KeyUsageKeyEncipherment
+
+			addRecord[x509.KeyUsageDigitalSignature] = true
+			addRecord[x509.KeyUsageKeyEncipherment] = true
+		}
 	}
 
 	fmt.Printf("There will show the other Key Usage that you can add to you cert: \n")
@@ -459,6 +510,7 @@ func ReadKeyUsage(certType string) (x509.KeyUsage, error) {
 }
 
 var ExtKeyUsageList = []x509.ExtKeyUsage{
+	x509.ExtKeyUsageAny,
 	x509.ExtKeyUsageServerAuth,
 	x509.ExtKeyUsageClientAuth,
 	x509.ExtKeyUsageCodeSigning,
@@ -475,6 +527,7 @@ var ExtKeyUsageList = []x509.ExtKeyUsage{
 }
 
 var ExtKeyUsageMap = map[x509.ExtKeyUsage]string{
+	x509.ExtKeyUsageAny:                            "ExtKeyUsageAny",
 	x509.ExtKeyUsageServerAuth:                     "ExtKeyUsageServerAuth",
 	x509.ExtKeyUsageClientAuth:                     "ExtKeyUsageClientAuth",
 	x509.ExtKeyUsageCodeSigning:                    "ExtKeyUsageCodeSigning",
@@ -499,16 +552,13 @@ func ReadExtKeyUsage() ([]x509.ExtKeyUsage, error) {
 	case "n":
 		fallthrough
 	case "no":
-		return res, nil
-
+		return make([]x509.ExtKeyUsage, 0, 0), nil
 	case "all":
 		fallthrough
 	case "a":
 		fallthrough
 	default:
-		res = append(res, x509.ExtKeyUsageAny)
-		return res, nil
-
+		return utils.CopySlice(ExtKeyUsageList), nil
 	case "choose":
 		fallthrough
 	case "c":
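Review bot: In the ReadKeyUsage hunk (-392), answering no to `ReadBoolDefaultYesPrint()` for certType "rca" or "ica" now produces a CA certificate whose key usage lacks keyCertSign and cRLSign unless the user re-adds them by hand from the later list; RFC 5280 §4.2.1.3 requires keyCertSign in a CA certificate that carries the key usage extension, and validators such as OpenSSL reject an issuer without it, so the previous unconditional `res |= x509.KeyUsageCertSign | x509.KeyUsageCRLSign` is the safer behaviour for these two cases, or the function should at least check those bits are set before returning (the return is outside the hunk). The confirmation messages also read inconsistently — `"The KeyUsageCertSign and KeyUsageCRLSign be choose."` beside the untouched `"The KeyUsageKeyEncipherment must be choose."` — and a single form such as `"KeyUsageCertSign and KeyUsageCRLSign have been added."` would be clearer. ReadKeyUsage starts at the hunk header and continues past the hunk.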