Documentation
Overview
Package store provides different methods to store a Public Key Infrastructure.
Index
- Constants
- Variables
- func InitCADir(path string) error
- type Bolt
- type Local
- func (l *Local) Add(caName, name string, isCa bool, key, cert []byte) error
- func (l *Local) Exists(caName, name string) bool
- func (l *Local) Fetch(caName, name string) ([]byte, []byte, error)
- func (l *Local) Revoked(caName string) ([]pkix.RevokedCertificate, error)
- func (l *Local) Update(caName string, sn *big.Int, st certificate.State) error
- type Store
Constants
const (
	LocalCertsDir = "certs"
	LocalKeysDir  = "keys"
	LocalCrlsDir  = "crls"
)
Predefined directory names.
Variables
var (
	ErrDoesNotExist = errors.New("does not exist")
)
Errors.
Functions
Types
type Bolt
Bolt lets us store a Certificate Authority in a Bolt DB.
Certificate bundles are stored per CA bucket, and each CA bucket has a keys bucket and a certs bucket.
func (*Bolt) Fetch
Fetch fetches the private key and certificate for a given name signed by caName.
type Local
type Local struct {
	Root string
}
Local lets us store a Certificate Authority on the local filesystem.
The structure used makes it compatible with openssl.
func (*Local) Exists
Exists checks if a certificate or private key already exists on the local filesystem for a given name.
func (*Local) Fetch
Fetch fetches the private key and certificate for a given name signed by caName.
type Store
type Store interface {
	// Add adds a newly signed certificate bundle to the store.
	//
	// Args:
	// The CA name, if the certificate was signed with an intermediate CA.
	// The certificate bundle name.
	// Whether the bundle to add is an intermediate CA.
	// The raw private key.
	// The raw certificate.
	//
	// Returns an error if it failed to store the bundle.
	Add(string, string, bool, []byte, []byte) error

	// Fetch fetches a certificate bundle from the store.
	//
	// Args:
	// The CA name, if the certificate was signed with an intermediate CA.
	// The name of the certificate bundle.
	//
	// Returns the raw private key and certificate respectively or an error.
	Fetch(string, string) ([]byte, []byte, error)

	// Update updates the state of a certificate. (Valid, Revoked, Expired)
	//
	// Args:
	// The CA name, if the certificate was signed with an intermediate CA.
	// The serial of the certificate to update.
	// The new state.
	//
	// Returns an error if the update failed.
	Update(string, *big.Int, certificate.State) error

	// Revoked returns a list of revoked certificates for a given CA.
	//
	// Args:
	// The CA name, if it is for an intermediate CA.
	//
	// Returns a list of revoked certificates or an error.
	Revoked(string) ([]pkix.RevokedCertificate, error)
}
Store represents a way to store a Certificate Authority.