testca

package
v0.8.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 12, 2021 License: Apache-2.0, MIT Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	// DefaultCountry is the default subject Country.
	DefaultCountry = []string{"US"}

	// DefaultProvince is the default subject Province.
	DefaultProvince = []string{"CA"}

	// DefaultLocality is the default subject Locality.
	DefaultLocality = []string{"San Francisco"}

	// DefaultStreetAddress is the default subject StreetAddress.
	DefaultStreetAddress = []string(nil)

	// DefaultPostalCode is the default subject PostalCode.
	DefaultPostalCode = []string(nil)

	// DefaultCommonName is the default subject CommonName.
	DefaultCommonName = "[TEST]"
)

Functions

func MakeInvalidCertsChainTSA 

func MakeInvalidCertsChainTSA(t *testing.T, hours int) (crypto.Signer, *x509.Certificate, []*x509.Certificate, *x509.Certificate)

MakeInvalidCertsChainTSA creates invalid TSA cert with several critical EKU extensions

func MakeValidCertsChainTSA 

func MakeValidCertsChainTSA(t *testing.T, hours int, ec bool) (crypto.Signer, *x509.Certificate, []*x509.Certificate, *x509.Certificate)

MakeValidCertsChainTSA creates valid TSA cert with the only critical EKU extension for timestamping

func PrivKeyToPEM 

func PrivKeyToPEM(priv interface{}) []byte

PrivKeyToPEM exports private key to PEM

func ToDER 

func ToDER(priv interface{}) []byte

ToDER exports private key to DER

func ToPEM 

func ToPEM(cert *x509.Certificate) []byte

ToPEM exports cert to PEM

func ToPFX 

func ToPFX(cert *x509.Certificate, priv interface{}, password string) []byte

ToPFX converts cert with private key to PFX

func ToPKCS8 

func ToPKCS8(priv interface{}) []byte

ToPKCS8 exports private key to PKCS8

Types

type Entity 

type Entity struct {
	Issuer      *Entity
	PrivateKey  crypto.Signer
	Certificate *x509.Certificate
	NextSN      int64
}

Entity is a certificate and private key.

func NewEntity 

func NewEntity(opts ...Option) *Entity

NewEntity creates a new CA.

func (*Entity) Chain 

func (id *Entity) Chain() []*x509.Certificate

Chain builds a slice of *x509.Certificate from this CA and its issuers.

func (*Entity) ChainPool 

func (id *Entity) ChainPool() *x509.CertPool

ChainPool builds an *x509.CertPool from this CA and its issuers.

func (*Entity) IncrementSN 

func (id *Entity) IncrementSN() int64

IncrementSN returns the next serial number.

func (*Entity) Issue 

func (id *Entity) Issue(opts ...Option) *Entity

Issue issues a new Entity with this one as its parent.

func (*Entity) KeyAndCertChain 

func (id *Entity) KeyAndCertChain() *KeyAndCertChain

KeyAndCertChain returns chain for the PrivateKey

func (*Entity) PFX 

func (id *Entity) PFX(password string) []byte

PFX wraps the certificate and private key in an encrypted PKCS#12 packet. The provided password must be alphanumeric.

func (*Entity) Root 

func (id *Entity) Root() *x509.Certificate

Root returns root CA for this entity.

type KeyAndCertChain 

type KeyAndCertChain struct {
	PrivateKey  crypto.Signer
	Certificate *x509.Certificate
	Chain       []*x509.Certificate
	Root        *x509.Certificate
}

KeyAndCertChain provides PrivateKey and its certificates chain

type Option 

type Option option

Option is an option that can be passed to New(). 

var Authority Option = func(c *configuration) {
	c.isCA = true
}

Authority is an Option for making an entity a certificate authority.

func CrlDpURL 

func CrlDpURL(value ...string) Option

CrlDpURL is an Option for setting the entity's certificate's CRL Distribution Point.

func DNSName added in v0.5.0 

func DNSName(value ...string) Option

DNSName is an Option for setting the SAN.

func ExtKeyUsage 

func ExtKeyUsage(value x509.ExtKeyUsage) Option

ExtKeyUsage is an Option for setting the extended key usage.

func Extensions 

func Extensions(value []pkix.Extension) Option

Extensions is an Option for setting extensions.

func Issuer 

func Issuer(value *Entity) Option

Issuer is an Option for setting the entity's issuer.

func IssuingCertificateURL 

func IssuingCertificateURL(value ...string) Option

IssuingCertificateURL is an Option for setting the entity's certificate's IssuingCertificateURL.

func KeyUsage 

func KeyUsage(value x509.KeyUsage) Option

KeyUsage is an Option for setting the key usage.

func NextSerialNumber 

func NextSerialNumber(value int64) Option

NextSerialNumber is an Option that determines the SN of the next issued certificate.

func NotAfter 

func NotAfter(value time.Time) Option

NotAfter is an Option for setting the entity's certificate's NotAfter.

func NotBefore 

func NotBefore(value time.Time) Option

NotBefore is an Option for setting the entity's certificate's NotBefore.

func OCSPServer 

func OCSPServer(value ...string) Option

OCSPServer is an Option for setting the entity's certificate's OCSPServer.

func PrivateKey 

func PrivateKey(value crypto.Signer) Option

PrivateKey is an Option for setting the entity's private key.

func Subject 

func Subject(value pkix.Name) Option

Subject is an Option that sets a entity's subject field.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.