Documentation
Overview
Package ca: Symbios Certificate Authority
Author: Dario Nascimento
Index
- func CreateHTTPSKeys(outKey, outCert *string) error
- func GetCertificateFingerprint() ([]byte, error)
- func GetRootCertificate() ([]byte, error)
- func HTTPServer(port int, userKey string, keylength int, organization string, country string, ...) error
- func HandleCSR(w http.ResponseWriter, req *http.Request)
- func HandleCertFingerprintRequest(w http.ResponseWriter, req *http.Request)
- func HandleCertRequest(w http.ResponseWriter, req *http.Request)
- func NewRootCertificate(keylength int, expires time.Time, organization, country string) (*pkix.Key, *pkix.Certificate, *pkix.CertificateAuthorityInfo, error)
- func SetUserCertificate(cert *pkix.Certificate)
- func SignCSR(csr *pkix.CertificateSigningRequest, token string, days int) (*pkix.Certificate, error)
- func ValidateToken(userToken string, certificate *pkix.Certificate, hostname *string) error
Constants
This section is empty.
Variables
This section is empty.
Functions
func CreateHTTPSKeys
CreateHTTPSKeys generates a key-pair signed by the CA to be used in its HTTPS server
func GetCertificateFingerprint
GetCertificateFingerprint returns the SHA-256 fingerprint of the root certificate
func GetRootCertificate
GetRootCertificate returns the root certificate encoded in PEM
func HTTPServer
func HTTPServer(port int, userKey string, keylength int, organization string, country string, expires time.Time, days int) error
HTTPServer is the main CA method: it reads the user key, creates a root certificate and starts the CA HTTPS server
func HandleCSR
func HandleCSR(w http.ResponseWriter, req *http.Request)
HandleCSR handles a request to sign the CSR, creating a certificate
func HandleCertFingerprintRequest
func HandleCertFingerprintRequest(w http.ResponseWriter, req *http.Request)
HandleCertFingerprintRequest handles a request to get the root certificate fingerprint
func HandleCertRequest
func HandleCertRequest(w http.ResponseWriter, req *http.Request)
HandleCertRequest handles a request to get the root certificate
func NewRootCertificate
func NewRootCertificate(keylength int, expires time.Time, organization, country string) (*pkix.Key, *pkix.Certificate, *pkix.CertificateAuthorityInfo, error)
NewRootCertificate creates a new certificate authority root certificate
func SetUserCertificate
func SetUserCertificate(cert *pkix.Certificate)
SetUserCertificate defines the current user certificate
func SignCSR
func SignCSR(csr *pkix.CertificateSigningRequest, token string, days int) (*pkix.Certificate, error)
SignCSR signs the Certificate Signing Request if the token is valid, generating a certificate with time-to-live ttl
func ValidateToken
func ValidateToken(userToken string, certificate *pkix.Certificate, hostname *string) error
ValidateToken validates a token signed by the given certificate with the subject hostname
Types
This section is empty.