pki

package

v1.0.9 Latest Latest Go to latest Published: Jan 4, 2021 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/criticalstack/crit

Links

Open Source Insights

Documentation ¶

Index ¶

func EncodeCertPEM(cert *x509.Certificate) []byte
func GenerateBootstrapToken() (id string, secret string)
func GenerateCertHash(data []byte) ([]byte, error)
func GenerateCertHashFromFile(caCertPath string) ([]byte, error)
func MustEncodePrivateKeyPem(key crypto.Signer) []byte
func NewPrivateKey() (crypto.Signer, error)
func NewSelfSignedCACert(cfg *Config, key crypto.Signer) (*x509.Certificate, error)
func NewSignedCert(cfg *Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)
func ReadCertFromFile(path string) (*x509.Certificate, error)
func ReadKeyFromFile(path string) (crypto.Signer, error)
func WriteCert(path, name string, cert *x509.Certificate) error
func WriteCertAndKey(path, name string, cert *x509.Certificate, key crypto.Signer) error
func WriteKey(path, name string, key crypto.Signer) error
func WritePublicKey(path, name string, key crypto.PublicKey) error
type AltNames
type CertificateAuthority
- func LoadCertificateAuthority(path, name string) (*CertificateAuthority, error)
- func NewCertificateAuthority(name string, cfg *Config) (*CertificateAuthority, error)
- func (c *CertificateAuthority) NewSignedKeyPair(name string, cfg *Config) (*KeyPair, error)
type Config
type KeyPair
- func LoadKeyPair(path, name string) (*KeyPair, error)
- func (k *KeyPair) WriteFiles(dir string) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func EncodeCertPEM ¶

func EncodeCertPEM(cert *x509.Certificate) []byte

EncodeCertPEM returns PEM-endcoded certificate data

func GenerateBootstrapToken ¶

func GenerateBootstrapToken() (id string, secret string)

GenerateBootstrapToken constructs a bootstrap token in conformance with the following format: https://kubernetes.io/docs/admin/bootstrap-tokens/#token-format

func GenerateCertHash ¶

func GenerateCertHash(data []byte) ([]byte, error)

func GenerateCertHashFromFile ¶

func GenerateCertHashFromFile(caCertPath string) ([]byte, error)

func MustEncodePrivateKeyPem ¶

func MustEncodePrivateKeyPem(key crypto.Signer) []byte

func NewPrivateKey ¶

func NewPrivateKey() (crypto.Signer, error)

func NewSelfSignedCACert ¶

func NewSelfSignedCACert(cfg *Config, key crypto.Signer) (*x509.Certificate, error)

NewSelfSignedCACert creates a CA certificate

func NewSignedCert ¶

func NewSignedCert(cfg *Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)

NewSignedCert creates a signed certificate using the given CA certificate and key

func ReadCertFromFile ¶

func ReadCertFromFile(path string) (*x509.Certificate, error)

func ReadKeyFromFile ¶

func ReadKeyFromFile(path string) (crypto.Signer, error)

func WriteCert ¶

func WriteCert(path, name string, cert *x509.Certificate) error

func WriteCertAndKey ¶

func WriteCertAndKey(path, name string, cert *x509.Certificate, key crypto.Signer) error

func WriteKey ¶

func WriteKey(path, name string, key crypto.Signer) error

func WritePublicKey ¶

func WritePublicKey(path, name string, key crypto.PublicKey) error

Types ¶

type AltNames ¶

type AltNames struct {
	DNSNames []string
	IPs      []net.IP
}

AltNames contains the domain names and IP addresses that will be added to the API Server's x509 certificate SubAltNames field. The values will be passed directly to the x509.Certificate object.

type CertificateAuthority ¶

type CertificateAuthority struct {
	*KeyPair
}

func LoadCertificateAuthority ¶

func LoadCertificateAuthority(path, name string) (*CertificateAuthority, error)

func NewCertificateAuthority ¶

func NewCertificateAuthority(name string, cfg *Config) (*CertificateAuthority, error)

func (*CertificateAuthority) NewSignedKeyPair ¶

func (c *CertificateAuthority) NewSignedKeyPair(name string, cfg *Config) (*KeyPair, error)

NewSignedKeyPair returns a new KeyPair signed by the CA.

type Config ¶

type Config struct {
	CommonName   string
	Organization []string
	AltNames     AltNames
	Usages       []x509.ExtKeyUsage
}

Config contains the basic fields required for creating a certificate

type KeyPair ¶

type KeyPair struct {
	Name string
	Cert *x509.Certificate
	Key  crypto.Signer
}

func LoadKeyPair ¶

func LoadKeyPair(path, name string) (*KeyPair, error)

func (*KeyPair) WriteFiles ¶

func (k *KeyPair) WriteFiles(dir string) error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL