certificates

package

v0.0.0-...-affaa53 Latest Latest Go to latest Published: Jun 28, 2019 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Szymongib/kyma

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func GetCommonName(subject string) string
func GetCountry(subject string) string
func GetLocality(subject string) string
func GetOrganization(subject string) string
func GetOrganizationalUnit(subject string) string
func GetProvince(subject string) string
type CSRSubject
- func (s CSRSubject) ToString() string
type CertInfo
type CertificateUtility
- func NewCertificateUtility(certificateValidityTime time.Duration) CertificateUtility
type EncodedCertificateChain
type HeaderParser
- func NewHeaderParser(country, province, locality, organization, unit string, central bool) HeaderParser
type Service
- func NewCertificateService(secretRepository secrets.Repository, certUtil CertificateUtility, ...) Service
type SubjectVerification

Constants ¶

View Source

const ClientCertHeader = "X-Forwarded-Client-Cert"

Variables ¶

This section is empty.

Functions ¶

func GetCommonName ¶

func GetCommonName(subject string) string

func GetCountry ¶

func GetCountry(subject string) string

func GetLocality ¶

func GetLocality(subject string) string

func GetOrganization ¶

func GetOrganization(subject string) string

func GetOrganizationalUnit ¶

func GetOrganizationalUnit(subject string) string

func GetProvince ¶

func GetProvince(subject string) string

Types ¶

type CSRSubject ¶

type CSRSubject struct {
	CommonName         string
	Country            string
	Organization       string
	OrganizationalUnit string
	Locality           string
	Province           string
}

func (CSRSubject) ToString ¶

func (s CSRSubject) ToString() string

type CertInfo ¶

type CertInfo struct {
	Hash    string
	Subject string
}

type CertificateUtility ¶

type CertificateUtility interface {
	LoadCert(encodedData []byte) (*x509.Certificate, apperrors.AppError)
	LoadKey(encodedData []byte) (*rsa.PrivateKey, apperrors.AppError)
	LoadCSR(encodedData []byte) (*x509.CertificateRequest, apperrors.AppError)
	CheckCSRValues(csr *x509.CertificateRequest, subject CSRSubject) apperrors.AppError
	SignCSR(caCrt *x509.Certificate, csr *x509.CertificateRequest, caKey *rsa.PrivateKey) ([]byte, apperrors.AppError)
	AddCertificateHeaderAndFooter(crtRaw []byte) []byte
}

func NewCertificateUtility ¶

func NewCertificateUtility(certificateValidityTime time.Duration) CertificateUtility

type EncodedCertificateChain ¶

type EncodedCertificateChain struct {
	CertificateChain  string
	ClientCertificate string
	CaCertificate     string
}

type HeaderParser ¶

type HeaderParser interface {
	ParseCertificateHeader(r http.Request) (CertInfo, apperrors.AppError)
}

func NewHeaderParser ¶

func NewHeaderParser(country, province, locality, organization, unit string, central bool) HeaderParser

type Service ¶

type Service interface {
	// SignCSR takes encoded CSR, validates subject and generates Certificate based on CA stored in secret
	// returns base64 encoded certificate chain
	SignCSR(encodedCSR []byte, subject CSRSubject) (EncodedCertificateChain, apperrors.AppError)
}

func NewCertificateService ¶

func NewCertificateService(secretRepository secrets.Repository, certUtil CertificateUtility, caSecretName, rootCACertificateSecretName types.NamespacedName) Service

type SubjectVerification ¶

type SubjectVerification func(i CertInfo) bool

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mocks

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL