cert

package
v0.24.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 7, 2023 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

View Source
const (
	RSAPrivateKeyType = "RSA PRIVATE KEY"
	PrivateKeyType    = "PRIVATE KEY"
	ECPrivateKeyType  = "EC PRIVATE KEY"
	CertRequestType   = "CERTIFICATE REQUEST"
)

Variables

This section is empty.

Functions

func CheckSSLCertSecret added in v0.22.0

func CheckSSLCertSecret(secret *corev1.Secret) error

func DecodeCertificate

func DecodeCertificate(raw []byte) (cert *x509.Certificate, err error)

DecodeCertificate returns an x509.Certificate for a PEM encoded certificate

func DecodePrivateKeyBytes added in v0.20.1

func DecodePrivateKeyBytes(keyBytes []byte) (key crypto.Signer, err error)

DecodePrivateKeyBytes will decode a PEM encoded private key into a crypto.Signer. It supports ECDSA, PKCS1, PKCS8 private key format only. All other types will return err.

func EnsureSecretPassJKS

func EnsureSecretPassJKS(secret *corev1.Secret) (injected *corev1.Secret, err error)

EnsureSecretPassJKS ensures a JKS password is present in a certificate secret

func GenerateJKS

func GenerateJKS(certs []*x509.Certificate, privateKey []byte) (out, passw []byte, err error)

GenerateJKS creates a JKS with a random password from a client cert/key combination

func GenerateJKSFromByte

func GenerateJKSFromByte(certByte []byte, privateKey []byte, caCert []byte) (out, passw []byte, err error)

func GeneratePass

func GeneratePass(length int) (passw []byte)

GeneratePass generates a random password

func GeneratePrivateKeyInPemFormat

func GeneratePrivateKeyInPemFormat() ([]byte, error)

GeneratePrivateKeyInPemFormat is used to generate a private key in a pem format

func GenerateSigningRequestInPemFormat

func GenerateSigningRequestInPemFormat(priv *rsa.PrivateKey, commonName string, dnsNames []string) ([]byte, error)

GenerateSigningRequestInPemFormat is used to generate a signing request in a pem format

func GenerateTestCert

func GenerateTestCert() (cert, key []byte, expectedDn string, err error)

GenerateTestCert is used from unit tests for generating certificates

func GetCertBundle

func GetCertBundle(certContainers []*CertificateContainer) []*x509.Certificate

func ParseKeyStoreToTLSCertificate added in v0.22.0

func ParseKeyStoreToTLSCertificate(keystore, password []byte) (tls.Certificate, error)

func ParseTrustStoreToCaChain added in v0.22.0

func ParseTrustStoreToCaChain(truststore, password []byte) ([]*x509.Certificate, error)

Types

type CertificateContainer

type CertificateContainer struct {
	// Certificate
	Certificate *x509.Certificate
	// PEM holds the certificate in PEM format
	PEM *pem.Block
}

func ParseCertificates

func ParseCertificates(data []byte) ([]*CertificateContainer, error)

func (CertificateContainer) ToPEM

func (c CertificateContainer) ToPEM() []byte

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL