certificates

package
v1.4.9 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 16, 2024 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CreateCertReq

func CreateCertReq(opts *CertOptions, privateKey *rsa.PrivateKey) (*x509.CertificateRequest, error)

CreateCertReq creates a new X.509 certificate request for an existing private key.

func CreateCertReqWithKey

func CreateCertReqWithKey(opts *CertOptions) (*x509.CertificateRequest, *rsa.PrivateKey, error)

CreateCertReqWithKey creates a new X.509 certificate request with a newly generated private key.

func InitCA

func InitCA(opts *CertOptions, certOut, keyOut string, osWrapper Oser) error

InitCA initializes a certificate authority.

func LoadCertificate

func LoadCertificate(filename string, osWrapper Oser) (*x509.Certificate, error)

LoadCertificate loads a single certificate from a file.

func LoadFromPEMFile

func LoadFromPEMFile(filename string, osWrapper Oser) ([]interface{}, error)

LoadFromPEMFile loads certificate data from a PEM file.

func LoadPrivateKey

func LoadPrivateKey(filename string, osWrapper Oser) (*rsa.PrivateKey, error)

LoadPrivateKey loads a single RSA private key from a file.

func LoadPublicKey

func LoadPublicKey(filename string, osWrapper Oser) (*rsa.PublicKey, error)

LoadPublicKey loads a single RSA public key from a file.

func LoadRequest

func LoadRequest(filename string, osWrapper Oser) (*x509.CertificateRequest, error)

LoadRequest loads a single certificate request from a file.

func MakeReq

func MakeReq(opts *CertOptions, keyIn, keyOut, reqOut string, osWrapper Oser) error

MakeReq creates a certificate request.

func SaveToPEMFile

func SaveToPEMFile(filename string, data []interface{}, osWrapper Oser) error

SaveToPEMFile saves certificate data to a PEM file.

func SignCertReq

func SignCertReq(req *x509.CertificateRequest, ca *CA, opts *CertOptions) (*x509.Certificate, error)

SignCertReq signs a certificate request using a CA key.

func SignReq

func SignReq(opts *CertOptions, caCrtPath, caKeyPath, reqPath, certOut string, verify bool, osWrapper Oser) error

SignReq signs a certificate request.

Types

type CA

// CA bundles a certificate authority's X.509 certificate with an RSA
// private key.
type CA struct {
	// Certificate is the parsed X.509 certificate held for this CA.
	Certificate *x509.Certificate
	// PrivateKey is held in memory behind an exported field, so any code
	// that can reach a *CA value can read the key.
	// NOTE(review): presumably this is the CA signing key; confirm that *CA
	// values are not logged, serialized or retained longer than needed.
	PrivateKey  *rsa.PrivateKey
}

CA contains internal data for a certificate authority.

func CreateCA

func CreateCA(opts *CertOptions, rsaWrapper Rsaer) (*CA, error)

CreateCA initializes a new CertKeyPair (returned as a *CA) from the given parameters.

type CertNames

// CertNames groups the name values that can be attached to a certificate or
// certificate request.
type CertNames struct {
	// DNSNames holds the DNS-name entries.
	DNSNames    []string
	// NodeIDs holds node identifiers as plain strings.
	// NOTE(review): presumably Receptor node IDs; confirm how they are
	// encoded into the certificate and validated when read back.
	NodeIDs     []string
	// IPAddresses holds the IP-address entries.
	IPAddresses []net.IP
}

CertNames lists the subjectAltNames that can be assigned to a certificate or request.

func GetReqNames

func GetReqNames(request *x509.CertificateRequest) (*CertNames, error)

GetReqNames returns the names coded into a certificate request, including Receptor node IDs.

type CertOptions

// CertOptions carries the parameters for a new certificate or request.
type CertOptions struct {
	// CertNames is embedded, so DNSNames, NodeIDs and IPAddresses are
	// promoted onto CertOptions.
	CertNames
	CommonName string
	// Bits is an int; presumably the RSA key length in bits.
	// NOTE(review): no minimum is visible here. Confirm that undersized
	// values (for example below 2048) are rejected before key generation.
	Bits       int
	// NotBefore and NotAfter are time.Time values; presumably the start and
	// end of the certificate validity period.
	// NOTE(review): confirm what applies when either is left as the zero time.
	NotBefore  time.Time
	NotAfter   time.Time
}

CertOptions are the parameters used to initialize a new certificate or request.

type InitCAConfig added in v1.4.9

// InitCAConfig holds the settings for initializing a certificate authority.
// Each field's struct tag carries its description and, where present, a
// required marker.
type InitCAConfig struct {
	CommonName string `description:"Common name to assign to the certificate" required:"Yes"`
	// Bits is tagged required, but the tag states no minimum.
	// NOTE(review): confirm that weak key lengths are rejected.
	Bits       int    `description:"Bit length of the encryption keys of the certificate" required:"Yes"`
	// NotBefore and NotAfter are strings in RFC3339 format per their tags;
	// neither carries a required marker.
	NotBefore  string `description:"Effective (NotBefore) date/time, in RFC3339 format"`
	NotAfter   string `description:"Expiration (NotAfter) date/time, in RFC3339 format"`
	OutCert    string `description:"File to save the CA certificate to" required:"Yes"`
	// OutKey names the file that receives the CA private key.
	// NOTE(review): confirm the file is created with owner-only permissions
	// (for example 0600) and in a directory other users cannot write to.
	OutKey     string `description:"File to save the CA private key to" required:"Yes"`
}

func (InitCAConfig) Run added in v1.4.9

func (ica InitCAConfig) Run() (err error)

type MakeReqConfig added in v1.4.9

// MakeReqConfig holds the settings for creating a certificate request.
// Each field's struct tag carries its description and, where present, a
// required marker.
type MakeReqConfig struct {
	CommonName string   `description:"Common name to assign to the certificate" required:"Yes"`
	// Bits carries no required marker.
	// NOTE(review): confirm which key length is used when Bits is unset,
	// and that weak values are rejected.
	Bits       int      `description:"Bit length of the encryption keys of the certificate"`
	DNSName    []string `description:"DNS names to add to the certificate"`
	// IPAddress entries are strings here.
	// NOTE(review): confirm they are parsed and rejected when malformed.
	IPAddress  []string `description:"IP addresses to add to the certificate"`
	NodeID     []string `description:"Receptor node IDs to add to the certificate"`
	OutReq     string   `description:"File to save the certificate request to" required:"Yes"`
	// InKey names an existing private key; OutKey names the file for a newly
	// generated one. Neither is tagged required.
	// NOTE(review): confirm the behaviour when both or neither are set, and
	// that OutKey is written with owner-only permissions (for example 0600).
	InKey      string   `description:"Private key to use for the request"`
	OutKey     string   `description:"File to save the private key to (new key will be generated)"`
}

func (MakeReqConfig) Prepare added in v1.4.9

func (mr MakeReqConfig) Prepare() error

func (MakeReqConfig) Run added in v1.4.9

func (mr MakeReqConfig) Run() error

type OsWrapper added in v1.4.6

// OsWrapper is an empty struct, so it holds no state of its own.
type OsWrapper struct{}

OsWrapper is the Wrapper structure for Oser.

func (*OsWrapper) ReadFile added in v1.4.6

func (ow *OsWrapper) ReadFile(name string) ([]byte, error)

ReadFile for Oser defaults to os library call.

func (*OsWrapper) WriteFile added in v1.4.6

func (ow *OsWrapper) WriteFile(name string, data []byte, perm fs.FileMode) error

WriteFile for Oser defaults to os library call.

type Oser added in v1.4.6

// Oser abstracts the two file operations this package needs, so they can be
// replaced by a mock.
type Oser interface {
	// ReadFile returns the contents of the named file.
	ReadFile(name string) ([]byte, error)
	// WriteFile writes data to the named file using the mode in perm.
	// NOTE(review): the caller chooses perm. Confirm that every call writing
	// private-key material passes an owner-only mode (for example 0600).
	WriteFile(name string, data []byte, perm fs.FileMode) error
}

Oser is the interface of function calls used for mocking os.

type RsaWrapper added in v1.4.4

// RsaWrapper is an empty struct, so it holds no state of its own.
type RsaWrapper struct{}

RsaWrapper is the Wrapper structure for Rsaer.

func (*RsaWrapper) GenerateKey added in v1.4.4

func (rw *RsaWrapper) GenerateKey(random io.Reader, bits int) (*rsa.PrivateKey, error)

GenerateKey for RsaWrapper defaults to rsa library call.

type Rsaer added in v1.4.4

// Rsaer abstracts RSA key generation so it can be replaced by a mock.
type Rsaer interface {
	// GenerateKey returns an RSA private key of the requested bit length,
	// drawing randomness from the reader the caller supplies.
	// NOTE(review): the randomness source and key size are both chosen by the
	// caller. Confirm that non-test callers pass crypto/rand.Reader and an
	// adequate bits value, and that mock implementations stay in test code.
	GenerateKey(random io.Reader, bits int) (*rsa.PrivateKey, error)
}

Rsaer is the interface of function calls used for mocking rsa.

type SignReqConfig added in v1.4.9

// SignReqConfig holds the settings for signing a certificate request with a
// CA. Each field's struct tag carries its description and, where present, a
// required marker or default.
type SignReqConfig struct {
	Req       string `description:"Certificate Request PEM filename" required:"Yes"`
	CACert    string `description:"CA certificate PEM filename" required:"Yes"`
	// CAKey names the PEM file holding the CA private key.
	// NOTE(review): confirm this file is readable only by the account that
	// performs signing.
	CAKey     string `description:"CA private key PEM filename" required:"Yes"`
	// NotBefore and NotAfter are strings in RFC3339 format per their tags;
	// neither carries a required marker.
	NotBefore string `description:"Effective (NotBefore) date/time, in RFC3339 format"`
	NotAfter  string `description:"Expiration (NotAfter) date/time, in RFC3339 format"`
	OutCert   string `description:"File to save the signed certificate to" required:"Yes"`
	// Verify, per its tag, suppresses the user prompt when true; the tagged
	// default is False. The name can be read the opposite way, so automation
	// should set it only when the request contents were reviewed by other means.
	// NOTE(review): confirm the requested names are checked before signing
	// whenever the prompt is skipped.
	Verify    bool   `description:"If true, do not prompt the user for verification" default:"False"`
}

func (SignReqConfig) Run added in v1.4.9

func (sr SignReqConfig) Run() error

Directories

Path Synopsis
Package mock_certificates is a generated GoMock package.
Package mock_certificates is a generated GoMock package.
