testca

package
v0.8.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 12, 2021 License: Apache-2.0, MIT Imports: 20 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// DefaultCountry is the default subject Country.
	DefaultCountry = []string{"US"}

	// DefaultProvince is the default subject Province.
	DefaultProvince = []string{"CA"}

	// DefaultLocality is the default subject Locality.
	DefaultLocality = []string{"San Francisco"}

	// DefaultStreetAddress is the default subject StreetAddress.
	DefaultStreetAddress = []string(nil)

	// DefaultPostalCode is the default subject PostalCode.
	DefaultPostalCode = []string(nil)

	// DefaultCommonName is the default subject CommonName.
	DefaultCommonName = "[TEST]"
)

Functions

func MakeInvalidCertsChainTSA

func MakeInvalidCertsChainTSA(t *testing.T, hours int) (crypto.Signer, *x509.Certificate, []*x509.Certificate, *x509.Certificate)

MakeInvalidCertsChainTSA creates invalid TSA cert with several critical EKU extensions

func MakeValidCertsChainTSA

func MakeValidCertsChainTSA(t *testing.T, hours int, ec bool) (crypto.Signer, *x509.Certificate, []*x509.Certificate, *x509.Certificate)

MakeValidCertsChainTSA creates valid TSA cert with the only critical EKU extension for timestamping

func PrivKeyToPEM

func PrivKeyToPEM(priv interface{}) []byte

PrivKeyToPEM exports private key to PEM

func ToDER

func ToDER(priv interface{}) []byte

ToDER exports private key to DER

func ToPEM

func ToPEM(cert *x509.Certificate) []byte

ToPEM exports cert to PEM

func ToPFX

func ToPFX(cert *x509.Certificate, priv interface{}, password string) []byte

ToPFX converts cert with private key to PFX

func ToPKCS8

func ToPKCS8(priv interface{}) []byte

ToPKCS8 exports private key to PKCS8

Types

type Entity

type Entity struct {
	Issuer      *Entity
	PrivateKey  crypto.Signer
	Certificate *x509.Certificate
	NextSN      int64
}

Entity is a certificate and private key.

func NewEntity

func NewEntity(opts ...Option) *Entity

NewEntity creates a new CA.

func (*Entity) Chain

func (id *Entity) Chain() []*x509.Certificate

Chain builds a slice of *x509.Certificate from this CA and its issuers.

func (*Entity) ChainPool

func (id *Entity) ChainPool() *x509.CertPool

ChainPool builds an *x509.CertPool from this CA and its issuers.

func (*Entity) IncrementSN

func (id *Entity) IncrementSN() int64

IncrementSN returns the next serial number.

func (*Entity) Issue

func (id *Entity) Issue(opts ...Option) *Entity

Issue issues a new Entity with this one as its parent.

func (*Entity) KeyAndCertChain

func (id *Entity) KeyAndCertChain() *KeyAndCertChain

KeyAndCertChain returns chain for the PrivateKey

func (*Entity) PFX

func (id *Entity) PFX(password string) []byte

PFX wraps the certificate and private key in an encrypted PKCS#12 packet. The provided password must be alphanumeric.

func (*Entity) Root

func (id *Entity) Root() *x509.Certificate

Root returns root CA for this entity.

type KeyAndCertChain

type KeyAndCertChain struct {
	PrivateKey  crypto.Signer
	Certificate *x509.Certificate
	Chain       []*x509.Certificate
	Root        *x509.Certificate
}

KeyAndCertChain provides PrivateKey and its certificates chain

type Option

type Option option

Option is an option that can be passed to New().

var Authority Option = func(c *configuration) {
	c.isCA = true
}

Authority is an Option for making an entity a certificate authority.

func CrlDpURL

func CrlDpURL(value ...string) Option

CrlDpURL is an Option for setting the entity's certificate's CRL Distribution Point.

func DNSName added in v0.5.0

func DNSName(value ...string) Option

DNSName is an Option for setting the SAN.

func ExtKeyUsage

func ExtKeyUsage(value x509.ExtKeyUsage) Option

ExtKeyUsage is an Option for setting the extended key usage.

func Extensions

func Extensions(value []pkix.Extension) Option

Extensions is an Option for setting extensions.

func Issuer

func Issuer(value *Entity) Option

Issuer is an Option for setting the entity's issuer.

func IssuingCertificateURL

func IssuingCertificateURL(value ...string) Option

IssuingCertificateURL is an Option for setting the entity's certificate's IssuingCertificateURL.

func KeyUsage

func KeyUsage(value x509.KeyUsage) Option

KeyUsage is an Option for setting the key usage.

func NextSerialNumber

func NextSerialNumber(value int64) Option

NextSerialNumber is an Option that determines the SN of the next issued certificate.

func NotAfter

func NotAfter(value time.Time) Option

NotAfter is an Option for setting the entity's certificate's NotAfter.

func NotBefore

func NotBefore(value time.Time) Option

NotBefore is an Option for setting the entity's certificate's NotBefore.

func OCSPServer

func OCSPServer(value ...string) Option

OCSPServer is an Option for setting the entity's certificate's OCSPServer.

func PrivateKey

func PrivateKey(value crypto.Signer) Option

PrivateKey is an Option for setting the entity's private key.

func Subject

func Subject(value pkix.Name) Option

Subject is an Option that sets a entity's subject field.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL