Documentation ¶
Index ¶
- func AllSupportedKeySizes() []int
- func GenerateECDSAPrivateKey(curve EllipticCurve) (*ecdsa.PrivateKey, error)
- func GenerateRSAPrivateKey(size int) (*rsa.PrivateKey, error)
- func GenerateRequest(request *Request, privateKey crypto.Signer) error
- func GetCertificatePEMBlock(cert []byte) *pem.Block
- func GetCertificateRequestPEMBlock(request []byte) *pem.Block
- func GetEncryptedPrivateKeyPEMBock(key interface{}, password []byte) (*pem.Block, error)
- func GetPrivateKeyPEMBock(key interface{}) (*pem.Block, error)
- func PublicKey(priv crypto.Signer) crypto.PublicKey
- type CSrOriginOption
- type ChainOption
- type EllipticCurve
- type ImportRequest
- type ImportResponse
- type KeyType
- type PEMCollection
- type RenewalRequest
- type Request
- type RevocationRequest
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AllSupportedKeySizes ¶
func AllSupportedKeySizes() []int
func GenerateECDSAPrivateKey ¶
func GenerateECDSAPrivateKey(curve EllipticCurve) (*ecdsa.PrivateKey, error)
GenerateECDSAPrivateKey generates a new ecdsa private key using the curve specified
func GenerateRSAPrivateKey ¶
func GenerateRSAPrivateKey(size int) (*rsa.PrivateKey, error)
GenerateRSAPrivateKey generates a new rsa private key using the size specified
func GenerateRequest ¶
GenerateRequest generates a certificate request. Deprecated: use the method Request.GenerateCSR() instead. TODO: remove usage from all libraries.
func GetCertificatePEMBlock ¶
GetCertificatePEMBlock gets the certificate as a PEM data block
func GetCertificateRequestPEMBlock ¶
GetCertificateRequestPEMBlock gets the certificate request as a PEM data block
func GetEncryptedPrivateKeyPEMBock ¶
GetEncryptedPrivateKeyPEMBock gets the private key as a PEM data block encrypted with the given password.
func GetPrivateKeyPEMBock ¶
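GetPrivateKeyPEMBock gets the private key as a PEM data block. It takes no password, so the key material in the returned block is presumably unencrypted and has to be protected by the caller.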
Types ¶
type CSrOriginOption ¶
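// CSrOriginOption records where the certificate signing request (CSR) of a
// Request comes from. Request.CsrOrigin has this type.
type CSrOriginOption int

// The listing had this block collapsed onto one line, where the trailing
// "//" comment swallowed the last two constants and the closing parenthesis;
// it is restored to one constant per line.
const (
	// LocalGeneratedCSR is the zero value, so a Request that leaves CsrOrigin
	// unset gets local generation.
	LocalGeneratedCSR CSrOriginOption = iota // local generation is default.
	// ServiceGeneratedCSR: going by the name, the CSR is produced by the
	// remote service rather than by the caller.
	// NOTE(review): that would mean the key pair is created outside the
	// caller's process; confirm against the implementation.
	ServiceGeneratedCSR
	// UserProvidedCSR: going by the name, the caller supplies the CSR itself
	// (presumably through Request.CSR); confirm against the implementation.
	UserProvidedCSR
)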
type ChainOption ¶
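// ChainOption represents the options to be used with the certificate chain.
type ChainOption int

// The listing had this block collapsed onto one line, where the first "//"
// comment swallowed every constant after it; it is restored to one constant
// per line.
const (
	// ChainOptionRootLast specifies the root certificate should be in the
	// last position of the chain. It is the zero value of ChainOption.
	ChainOptionRootLast ChainOption = iota
	// ChainOptionRootFirst specifies the root certificate should be in the
	// first position of the chain.
	ChainOptionRootFirst
	// ChainOptionIgnore specifies the chain should be ignored.
	ChainOptionIgnore
)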
func ChainOptionFromString ¶
func ChainOptionFromString(order string) ChainOption
ChainOptionFromString converts the string to the corresponding ChainOption
type EllipticCurve ¶
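// EllipticCurve represents the types of supported elliptic curves.
//
// The numeric values follow declaration order, not key strength (P521 is 0,
// P224 is 1), so a minimum-strength policy must compare against named
// constants and never use "<" or ">" on the raw value.
type EllipticCurve int

// The listing had this block collapsed onto one line, where the first "//"
// comment swallowed every constant after it; it is restored to one constant
// per line.
const (
	// EllipticCurveP521 represents the P521 curve. It is the zero value, so
	// an EllipticCurve that was never set selects P521.
	EllipticCurveP521 EllipticCurve = iota
	// EllipticCurveP224 represents the P224 curve. P-224 offers roughly
	// 112-bit security, the lowest of the four curves listed here; prefer
	// P256 or larger for new keys unless a peer requires P224.
	EllipticCurveP224
	// EllipticCurveP256 represents the P256 curve.
	EllipticCurveP256
	// EllipticCurveP384 represents the P384 curve.
	EllipticCurveP384
	// EllipticCurveDefault is an alias for EllipticCurveP521.
	EllipticCurveDefault = EllipticCurveP521
)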
func AllSupportedCurves ¶
func AllSupportedCurves() []EllipticCurve
func (*EllipticCurve) Set ¶
func (ec *EllipticCurve) Set(value string) error
Set sets the elliptic curve value from a string.
func (*EllipticCurve) String ¶
func (ec *EllipticCurve) String() string
type ImportRequest ¶
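// ImportRequest holds the fields of a certificate import request.
//
// The listing had the declaration collapsed onto one line, which Go cannot
// parse because field declarations need a newline or semicolon between them;
// it is restored to one field per line.
//
// Every field is tagged `json:",omitempty"`, so zero values (empty strings,
// false, a nil or empty map) are left out of the marshalled JSON.
//
// PrivateKeyData and Password are plain strings and appear verbatim in the
// marshalled JSON when set. Keep marshalled requests and %+v dumps of this
// struct out of logs and error messages.
type ImportRequest struct {
	PolicyDN        string `json:",omitempty"`
	ObjectName      string `json:",omitempty"`
	CertificateData string `json:",omitempty"`
	// PrivateKeyData carries private key material as a string.
	// NOTE(review): the encoding (PEM, base64, ...) is not visible here; confirm.
	PrivateKeyData string `json:",omitempty"`
	// Password is presumably the secret protecting PrivateKeyData; confirm
	// against the implementation.
	Password string `json:",omitempty"`
	// Reconcile is dropped from the JSON when false because of omitempty.
	Reconcile            bool              `json:",omitempty"`
	CASpecificAttributes map[string]string `json:",omitempty"`
}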
type ImportResponse ¶
type KeyType ¶
// KeyType represents the types of supported keys. Request.KeyType has this
// type, and the X509Type method maps a value to an x509.PublicKeyAlgorithm.
// NOTE(review): the page lists no constants for KeyType, so which algorithm
// the zero value selects is not visible here; confirm before relying on an
// unset KeyType.
type KeyType int
KeyType represents the types of supported keys
func (*KeyType) X509Type ¶
func (kt *KeyType) X509Type() x509.PublicKeyAlgorithm
type PEMCollection ¶
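// PEMCollection represents a collection of PEM data: one certificate, at most
// one private key, and the certificates of the chain.
//
// The listing had the declaration collapsed onto one line, which Go cannot
// parse because field declarations need a newline or semicolon between them;
// it is restored to one field per line.
//
// Every field is tagged `json:",omitempty"`, so empty values are left out of
// the marshalled JSON. When PrivateKey is set it is written into that JSON
// verbatim, so a marshalled collection has to be stored and transmitted as
// secret material.
type PEMCollection struct {
	Certificate string `json:",omitempty"`
	// PrivateKey holds the private key as a string.
	// NOTE(review): NewPEMCollection and AddPrivateKey accept a password, so
	// this is presumably an encrypted PEM block when a password was given and
	// a cleartext one otherwise; confirm against the implementation.
	PrivateKey string   `json:",omitempty"`
	Chain      []string `json:",omitempty"`
}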
PEMCollection represents a collection of PEM data
func NewPEMCollection ¶
func NewPEMCollection(certificate *x509.Certificate, privateKey interface{}, privateKeyPassword []byte) (*PEMCollection, error)
NewPEMCollection creates a PEMCollection based on the data being passed in
func PEMCollectionFromBytes ¶
func PEMCollectionFromBytes(certBytes []byte, chainOrder ChainOption) (*PEMCollection, error)
PEMCollectionFromBytes creates a PEMCollection based on the data passed in
func (*PEMCollection) AddChainElement ¶
func (col *PEMCollection) AddChainElement(certificate *x509.Certificate) error
AddChainElement adds a chain element to the collection
func (*PEMCollection) AddPrivateKey ¶
func (col *PEMCollection) AddPrivateKey(privateKey interface{}, privateKeyPassword []byte) error
AddPrivateKey adds a Private Key to the PEMCollection. Note that the collection can only contain one private key
type RenewalRequest ¶
type Request ¶
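// Request contains the data needed to generate a certificate request.
//
// The listing had the declaration collapsed onto one line, where the first
// "//" comment swallowed every field after PublicKeyAlgorithm; it is restored
// to one field per line.
//
// PrivateKey and KeyPassword hold secret material. KeyPassword is a plain
// string, so printing a Request with %v/%+v or serialising it exposes the
// password; keep Request values out of logs and error messages.
type Request struct {
	Subject            pkix.Name
	DNSNames           []string
	EmailAddresses     []string
	IPAddresses        []net.IP
	Attributes         []pkix.AttributeTypeAndValueSET
	SignatureAlgorithm x509.SignatureAlgorithm
	PublicKeyAlgorithm x509.PublicKeyAlgorithm // deprecated
	FriendlyName       string
	KeyType            KeyType
	KeyLength          int
	KeyCurve           EllipticCurve
	CSR                []byte // should be pem encoded CSR

	// PrivateKey is the signer associated with the request.
	// NOTE(review): presumably only populated when the key pair is generated
	// locally; confirm against CsrOrigin handling.
	PrivateKey  crypto.Signer
	CsrOrigin   CSrOriginOption
	PickupID    string
	ChainOption ChainOption

	// KeyPassword is held in memory as a plain string.
	// NOTE(review): presumably the password applied to the private key when
	// it is exported or fetched; confirm against the implementation.
	KeyPassword string
	// FetchPrivateKey: going by the name, asks for the private key to be
	// returned together with the certificate; confirm against the
	// implementation.
	FetchPrivateKey bool

	// Thumbprint is here because *Request is used in RetrieveCertificate();
	// it should be refactored so that RetrieveCertificate() uses some abstract
	// search object, instead of *Request{PickupID}.
	Thumbprint string
	Timeout    time.Duration
}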
Request contains the data needed to generate a certificate request. CSR is a PEM-encoded certificate signing request.
func NewRequest ¶
func NewRequest(cert *x509.Certificate) *Request