The highest tagged major version is
Documentation
¶
Index ¶
- func AllSupportedKeySizes() []int
- func GenerateECDSAPrivateKey(curve EllipticCurve) (*ecdsa.PrivateKey, error)
- func GenerateRSAPrivateKey(size int) (*rsa.PrivateKey, error)
- func GenerateRequest(request *Request, privateKey crypto.Signer) error
- func GetCertificatePEMBlock(cert []byte) *pem.Block
- func GetCertificateRequestPEMBlock(request []byte) *pem.Block
- func GetEncryptedPrivateKeyPEMBock(key crypto.Signer, password []byte) (*pem.Block, error)
- func GetPrivateKeyPEMBock(key crypto.Signer) (*pem.Block, error)
- func PublicKey(priv crypto.Signer) crypto.PublicKey
- type CSrOriginOption
- type CertificateInfo
- type ChainOption
- type CustomField
- type CustomFieldType
- type EllipticCurve
- type ImportRequest
- type ImportResponse
- type KeyType
- type Location
- type PEMCollection
- type RenewalRequest
- type Request
- type RevocationRequest
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AllSupportedKeySizes ¶
func AllSupportedKeySizes() []int
func GenerateECDSAPrivateKey ¶
func GenerateECDSAPrivateKey(curve EllipticCurve) (*ecdsa.PrivateKey, error)
GenerateECDSAPrivateKey generates a new ecdsa private key using the curve specified
func GenerateRSAPrivateKey ¶
func GenerateRSAPrivateKey(size int) (*rsa.PrivateKey, error)
GenerateRSAPrivateKey generates a new rsa private key using the size specified
func GenerateRequest ¶
GenerateRequest generates a certificate request Please use method Request.GenerateCSR() TODO: Remove usage from all libraries, deprecated
func GetCertificatePEMBlock ¶
GetCertificatePEMBlock gets the certificate as a PEM data block
func GetCertificateRequestPEMBlock ¶
GetCertificateRequestPEMBlock gets the certificate request as a PEM data block
func GetEncryptedPrivateKeyPEMBock ¶
GetEncryptedPrivateKeyPEMBock gets the private key as an encrypted PEM data block
func GetPrivateKeyPEMBock ¶
GetPrivateKeyPEMBock gets the private key as a PEM data block
Types ¶
type CSrOriginOption ¶
type CSrOriginOption int
const ( // LocalGeneratedCSR - this vcert library generates CSR internally based on Request data LocalGeneratedCSR CSrOriginOption = iota // local generation is default. // ServiceGeneratedCSR - server generate CSR internally based on zone configuration and data from Request ServiceGeneratedCSR // UserProvidedCSR - client provides CSR from external resource and vcert library just check and send this CSR to server UserProvidedCSR )
type CertificateInfo ¶
type ChainOption ¶
type ChainOption int
ChainOption represents the options to be used with the certificate chain
const ( //ChainOptionRootLast specifies the root certificate should be in the last position of the chain ChainOptionRootLast ChainOption = iota //ChainOptionRootFirst specifies the root certificate should be in the first position of the chain ChainOptionRootFirst //ChainOptionIgnore specifies the chain should be ignored ChainOptionIgnore )
func ChainOptionFromString ¶
func ChainOptionFromString(order string) ChainOption
ChainOptionFromString converts the string to the corresponding ChainOption
type CustomField ¶
type CustomField struct {
Type CustomFieldType
Name string
Value string
}
CustomField can be used for adding additional information to certificate. For example: custom fields or Origin. By default it's custom field. For adding Origin set Type: CustomFieldOrigin For adding custom field with one name and few values give to request:
request.CustomFields = []CustomField{
{Name: "name1", Value: "value1"}
{Name: "name1", Value: "value2"}
}
type CustomFieldType ¶
type CustomFieldType int
const ( CustomFieldPlain CustomFieldType = 0 + iota CustomFieldOrigin )
type EllipticCurve ¶
type EllipticCurve int
EllipticCurve represents the types of supported elliptic curves
const ( EllipticCurveNotSet EllipticCurve = iota // EllipticCurveP521 represents the P521 curve EllipticCurveP521 // EllipticCurveP256 represents the P256 curve EllipticCurveP256 // EllipticCurveP384 represents the P384 curve EllipticCurveP384 EllipticCurveDefault = EllipticCurveP256 )
func AllSupportedCurves ¶
func AllSupportedCurves() []EllipticCurve
func (*EllipticCurve) Set ¶
func (ec *EllipticCurve) Set(value string) error
Set EllipticCurve value via a string
func (*EllipticCurve) String ¶
func (ec *EllipticCurve) String() string
type ImportRequest ¶
type ImportResponse ¶
type KeyType ¶
type KeyType int
KeyType represents the types of supported keys
func (*KeyType) X509Type ¶
func (kt *KeyType) X509Type() x509.PublicKeyAlgorithm
type PEMCollection ¶
type PEMCollection struct {
Certificate string `json:",omitempty"`
PrivateKey string `json:",omitempty"`
Chain []string `json:",omitempty"`
CSR string `json:",omitempty"`
}
PEMCollection represents a collection of PEM data
func NewPEMCollection ¶
func NewPEMCollection(certificate *x509.Certificate, privateKey crypto.Signer, privateKeyPassword []byte) (*PEMCollection, error)
NewPEMCollection creates a PEMCollection based on the data being passed in
func PEMCollectionFromBytes ¶
func PEMCollectionFromBytes(certBytes []byte, chainOrder ChainOption) (*PEMCollection, error)
PEMCollectionFromBytes creates a PEMCollection based on the data passed in
func (*PEMCollection) AddChainElement ¶
func (col *PEMCollection) AddChainElement(certificate *x509.Certificate) error
AddChainElement adds a chain element to the collection
func (*PEMCollection) AddPrivateKey ¶
func (col *PEMCollection) AddPrivateKey(privateKey crypto.Signer, privateKeyPassword []byte) error
AddPrivateKey adds a Private Key to the PEMCollection. Note that the collection can only contain one private key
func (*PEMCollection) ToTLSCertificate ¶
func (col *PEMCollection) ToTLSCertificate() tls.Certificate
type RenewalRequest ¶
type Request ¶
type Request struct {
CADN string
Subject pkix.Name
DNSNames []string
OmitSANs bool
EmailAddresses []string
IPAddresses []net.IP
URIs []*url.URL
UPNs []string
Attributes []pkix.AttributeTypeAndValueSET
SignatureAlgorithm x509.SignatureAlgorithm
FriendlyName string
KeyType KeyType
KeyLength int
KeyCurve EllipticCurve
PrivateKey crypto.Signer
CsrOrigin CSrOriginOption
PickupID string
//Cloud Certificate ID
CertID string
ChainOption ChainOption
KeyPassword string
FetchPrivateKey bool
/* Thumbprint is here because *Request is used in RetrieveCertificate().
Code should be refactored so that RetrieveCertificate() uses some abstract search object, instead of *Request{PickupID} */
Thumbprint string
Timeout time.Duration
CustomFields []CustomField
Location *Location
ValidityHours int
IssuerHint string
// contains filtered or unexported fields
}
Request contains data needed to generate a certificate request CSR is a PEM-encoded Certificate Signing Request
func NewRequest ¶
func NewRequest(cert *x509.Certificate) *Request
NewRequest duplicates new Request object based on issued certificate
func (*Request) CheckCertificate ¶
CheckCertificate validate that certificate returned by server matches data in request object. It can be used for control server.
func (*Request) GenerateCSR ¶
GenerateCSR creates CSR for sending to server based on data from Request fields. It rewrites CSR field if it`s already filled.
func (*Request) GeneratePrivateKey ¶
GeneratePrivateKey creates private key (if it doesn`t already exist) based on request.KeyType, request.KeyLength and request.KeyCurve fileds
Source Files