Documentation
¶
Index ¶
- Constants
- Variables
- func B64Decode(str string) (buf []byte, err error)
- func B64Encode(buf []byte) string
- func CmdRunBegin()
- func CreateClientHome() (string, error)
- func CreateToken(csp bccsp.BCCSP, cert []byte, key []byte, body []byte) (string, error)
- func DERCertToPEM(der []byte) []byte
- func DecodeToken(token string) (*x509.Certificate, string, string, error)
- func Fatal(format string, v ...interface{})
- func FileExists(name string) bool
- func FlagBool(flags *pflag.FlagSet, name, short string, def bool, desc string)
- func FlagInt(flags *pflag.FlagSet, name, short string, def int, desc string)
- func FlagString(flags *pflag.FlagSet, name, short string, def string, desc string)
- func GenECDSAToken(csp bccsp.BCCSP, cert []byte, key []byte, body []byte) (string, error)
- func GetCommandLineOptValue(optName string, remove bool) string
- func GetDB(driver string, dbPath string) (*sqlx.DB, error)
- func GetDefaultConfigFile(cmdName string) string
- func GetECPrivateKey(raw []byte) (*ecdsa.PrivateKey, error)
- func GetEnrollmentIDFromPEM(cert []byte) (string, error)
- func GetEnrollmentIDFromX509Certificate(cert *x509.Certificate) string
- func GetKeyFromBytes(csp bccsp.BCCSP, key []byte) (bccsp.Key, error)
- func GetSerialAsHex(serial *big.Int) string
- func GetServerAddr() string
- func GetServerPort() string
- func GetServerProtocol() string
- func GetServerURL() string
- func GetUser() (string, string, error)
- func GetX509CertificateFromPEM(cert []byte) (*x509.Certificate, error)
- func HTTPRequestToString(req *http.Request) string
- func HTTPResponseToString(resp *http.Response) string
- func MakeFileAbs(file, dir string) (string, error)
- func Marshal(from interface{}, what string) ([]byte, error)
- func ParseObj(obj interface{}, cb func(*Field) error) error
- func RandomString(n int) string
- func ReadFile(file string) ([]byte, error)
- func RegisterFlags(flags *pflag.FlagSet, config interface{}, tags map[string]string) error
- func RemoveQuotes(str string) string
- func SetDefaultServerPort()
- func StrContained(str string, strs []string) bool
- func StructToString(si interface{}) string
- func Unmarshal(from []byte, to interface{}, what string) error
- func VerifyToken(csp bccsp.BCCSP, token string, body []byte) (*x509.Certificate, error)
- func WriteFile(file string, buf []byte, perm os.FileMode) error
- type ECDSASignature
- type Field
Constants ¶
const ( // TagDefault is the tag name for a default value of a field as recognized // by RegisterFlags. TagDefault = "def" // TagHelp is the tag name for a help message of a field as recognized // by RegisterFlags. TagHelp = "help" // TagOpt is the tag name for a one character option of a field as recognized // by RegisterFlags. For example, a value of "d" reserves "-d" for the // command line argument. TagOpt = "opt" // TagSkip is the tag name which causes the field to be skipped by // RegisterFlags. TagSkip = "skip" )
const SecretTag = "secret"
SecretTag to tag a field as secret as in password, token
Variables ¶
var ( // ErrNotImplemented used to return errors for functions not implemented ErrNotImplemented = errors.New("NOT YET IMPLEMENTED") )
var PassExpr = regexp.MustCompile(`[,]?password[,]?`)
PassExpr is the regular expression to check if a tag has 'password'
var RevocationReasonCodes = map[string]int{ "unspecified": ocsp.Unspecified, "keycompromise": ocsp.KeyCompromise, "cacompromise": ocsp.CACompromise, "affiliationchanged": ocsp.AffiliationChanged, "superseded": ocsp.Superseded, "cessationofoperation": ocsp.CessationOfOperation, "certificatehold": ocsp.CertificateHold, "removefromcrl": ocsp.RemoveFromCRL, "privilegewithdrawn": ocsp.PrivilegeWithdrawn, "aacompromise": ocsp.AACompromise, }
RevocationReasonCodes is a map between string reason codes to integers as defined in RFC 5280
Functions ¶
func CmdRunBegin ¶
func CmdRunBegin()
CmdRunBegin is called at the beginning of each cobra run function
func CreateClientHome ¶
CreateClientHome will create a home directory if it does not exist
func CreateToken ¶
CreateToken creates a JWT-like token. In a normal JWT token, the format of the token created is:
<algorithm,claims,signature>
where each part is base64-encoded string separated by a period. In this JWT-like token, there are two differences:
- the claims section is a certificate, so the format is: <certificate,signature>
- the signature uses the private key associated with the certificate, and the signature is across both the certificate and the "body" argument, which is the body of an HTTP request, though could be any arbitrary bytes.
@param cert The pem-encoded certificate @param key The pem-encoded key @param body The body of an HTTP request
func DecodeToken ¶
DecodeToken extracts an X509 certificate and base64 encoded signature from a token
func FlagString ¶
FlagString sets up a flag for a string, binding it to its name
func GenECDSAToken ¶
GenECDSAToken signs the http body and cert with ECDSA using EC private key
func GetCommandLineOptValue ¶
GetCommandLineOptValue searches the command line arguments for the specified option and returns the following value if found; otherwise it returns "". If **remove** is true and it is found, the option and its value are removed from os.Args. For example, if command line is:
fabric-ca client enroll -config myconfig.json
GetCommandLineOptValue("-config",true) returns "myconfig.json" and changes os.Args to
fabric-ca client enroll
func GetDefaultConfigFile ¶
GetDefaultConfigFile gets the default path for the config file to display in usage message
func GetECPrivateKey ¶
func GetECPrivateKey(raw []byte) (*ecdsa.PrivateKey, error)
GetECPrivateKey get *ecdsa.PrivateKey from key pem
func GetEnrollmentIDFromPEM ¶
GetEnrollmentIDFromPEM returns the EnrollmentID from a PEM buffer
func GetEnrollmentIDFromX509Certificate ¶
func GetEnrollmentIDFromX509Certificate(cert *x509.Certificate) string
GetEnrollmentIDFromX509Certificate returns the EnrollmentID from the X509 certificate
func GetKeyFromBytes ¶
GetKeyFromBytes returns a BCCSP key given a byte buffer. The byte buffer should always contain the SKI and not the real private key; however, until we have complete BCCSP integration, we tolerate it being the real private key.
func GetSerialAsHex ¶
GetSerialAsHex returns the serial number from certificate as hex format
func GetServerProtocol ¶
func GetServerProtocol() string
GetServerProtocol returns the server's protocol
func GetX509CertificateFromPEM ¶
func GetX509CertificateFromPEM(cert []byte) (*x509.Certificate, error)
GetX509CertificateFromPEM converts a PEM buffer to an X509 Certificate
func HTTPRequestToString ¶
HTTPRequestToString returns a string for an HTTP request for debuggging
func HTTPResponseToString ¶
HTTPResponseToString returns a string for an HTTP response for debuggging
func MakeFileAbs ¶
MakeFileAbs makes 'file' absolute relative to 'dir' if not already absolute
func RegisterFlags ¶
RegisterFlags registers flags for all fields in an arbitrary 'config' object. This method recognizes the following field tags: "def" - the default value of the field; "opt" - the optional one character short name to use on the command line; "help" - the help message to display on the command line; "skip" - to skip the field.
func RemoveQuotes ¶
RemoveQuotes removes outer quotes from a string if necessary
func SetDefaultServerPort ¶
func SetDefaultServerPort()
SetDefaultServerPort overrides the default CFSSL server port by adding the "-port" option to the command line if it was not already present.
func StrContained ¶
StrContained returns true if 'str' is in 'strs'; otherwise return false
func StructToString ¶
func StructToString(si interface{}) string
StructToString converts a struct to a string. If a field has a 'secret' tag, it is masked in the returned string
func VerifyToken ¶
VerifyToken verifies token signed by either ECDSA or RSA and returns the associated user ID
Types ¶
type ECDSASignature ¶
ECDSASignature forms the structure for R and S value for ECDSA
Source Files