identities

package
v0.0.0-...-1fe2c9b

This package is not in the latest version of its module.
Published: Jan 9, 2020 License: Apache-2.0 Imports: 13 Imported by: 5

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Identity

type Identity struct {
	Authorities []*x509.Certificate
	Certificate *x509.Certificate
	Key         *rsa.PrivateKey
}

Identity represents an X.509 identity.

func NewIdentity

func NewIdentity(authorities []*x509.Certificate, certificate *x509.Certificate, key *rsa.PrivateKey) *Identity

NewIdentity returns a new identity.

func Self

func Self(template Template) (*Identity, error)

Self generates a self signed identity (e.g., a root).

func (*Identity) Issue

func (i *Identity) Issue(template Template) (*Identity, error)

Issue returns a new identity signed by this identity based upon a template.

type IdentityBuilder

type IdentityBuilder struct {
	// contains filtered or unexported fields
}

IdentityBuilder provides a builder for Identity instances.

func NewIdentityBuilder

func NewIdentityBuilder() *IdentityBuilder

NewIdentityBuilder returns a new instance of the IdentityBuilder structure.

func (*IdentityBuilder) Build

func (b *IdentityBuilder) Build() (*Identity, error)

Build creates an Identity from the IdentityBuilder.

func (*IdentityBuilder) WithAuthorities

func (b *IdentityBuilder) WithAuthorities(authorities string) *IdentityBuilder

WithAuthorities sets the certificate authorities that issued the identity. The value must be a URL that points to the location of PEM encoded certificates.

Note that in addition to those schemes supported by [getter](https://godoc.org/github.com/hashicorp/go-getter) a "base64" scheme is supported for providing the PEM encoded certificate in the path of the URL directly. This is most applicable when the certificate data must be provided via an environment variable.

func (*IdentityBuilder) WithCertificate

func (b *IdentityBuilder) WithCertificate(certificate string) *IdentityBuilder

WithCertificate sets the certificate for the identity. The value must be a URL that points to the location of a PEM encoded X.509 certificate.

Note that in addition to those schemes supported by [getter](https://godoc.org/github.com/hashicorp/go-getter) a "base64" scheme is supported for providing the PEM encoded certificate in the path of the URL directly. This is most applicable when the certificate data must be provided via an environment variable.

func (*IdentityBuilder) WithKey

func (b *IdentityBuilder) WithKey(key string) *IdentityBuilder

WithKey sets the key for the identity. The value must be a URL that points to the location of a PEM encoded RSA key.

Note that in addition to those schemes supported by [getter](https://godoc.org/github.com/hashicorp/go-getter) a "base64" scheme is supported for providing the PEM encoded certificate in the path of the URL directly. This is most applicable when the certificate data must be provided via an environment variable.

type IdentityConfig

type IdentityConfig struct {
	Authorities string `json:"authorities" mapstructure:"authorities" yaml:"authorities"`
	Certificate string `json:"certificate" mapstructure:"certificate" yaml:"certificate"`
	Key         string `json:"key" mapstructure:"key" yaml:"key"`
}

IdentityConfig provides a serializable representation of an Identity structure.

func (*IdentityConfig) Build

func (c *IdentityConfig) Build() (*Identity, error)

Build creates an Identity from the IdentityConfig instance.

type Template

type Template struct {
	AuthorityKeyID              []byte
	BasicConstraintsValid       bool
	CRLDistributionPoints       []string
	DNSNames                    []string
	EmailAddresses              []string
	ExcludedDNSDomains          []string
	ExcludedEmailAddresses      []string
	ExcludedIPRanges            []*net.IPNet
	ExcludedURIDomains          []string
	ExtKeyUsage                 []x509.ExtKeyUsage
	ExtraExtensions             []pkix.Extension
	IsCA                        bool
	IssuingCertificateURL       []string
	KeyUsage                    x509.KeyUsage
	MaxPathLen                  int
	MaxPathLenZero              bool
	NotAfter                    time.Time
	NotBefore                   time.Time
	OCSPServer                  []string
	PermittedDNSDomains         []string
	PermittedDNSDomainsCritical bool
	PermittedEmailAddresses     []string
	PermittedIPRanges           []*net.IPNet
	PermittedURIDomains         []string
	PolicyIdentifiers           []asn1.ObjectIdentifier
	SerialNumber                *big.Int
	SignatureAlgorithm          x509.SignatureAlgorithm
	Subject                     pkix.Name
	SubjectKeyID                []byte
	URIs                        []*url.URL
	UnknownExtKeyUsage          []asn1.ObjectIdentifier
}
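The following is an added example written for this page with the Go standard library only; it is not the identities package's implementation. It shows what Self and Issue describe (a self-signed root and a certificate signed under it) and how the IsCA and BasicConstraintsValid fields of Template decide whether a verifier accepts an issuer. The helper names issue and verify, the host names, the one-hour validity and the unset KeyUsage are assumptions made for the example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// issue (hypothetical helper) makes a fresh RSA key and a constructed one-hour certificate.
// A nil parent gives a self-signed root (the Self case); otherwise parent signs (the Issue case).
func issue(parent *x509.Certificate, parentKey *rsa.PrivateKey, name string, isCA bool) (*x509.Certificate, *rsa.PrivateKey, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 127)) // random serial
	tmpl := &x509.Certificate{SerialNumber: serial, Subject: pkix.Name{CommonName: name},
		DNSNames: []string{name}, NotBefore: time.Now().Add(-time.Minute),
		NotAfter: time.Now().Add(time.Hour), BasicConstraintsValid: true, IsCA: isCA}
	if parent == nil {
		parent, parentKey = tmpl, key // self-signed: issuer and subject are the same
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// verify trusts only root; inter holds untrusted intermediates presented with cert.
func verify(root, cert *x509.Certificate, dnsName string, inter ...*x509.Certificate) error {
	roots, pool := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	for _, c := range inter {
		pool.AddCert(c)
	}
	_, err := cert.Verify(x509.VerifyOptions{Roots: roots, Intermediates: pool, DNSName: dnsName})
	return err
}

func main() {
	root, rootKey, _ := issue(nil, nil, "root.example.test", true)
	leaf, _, _ := issue(root, rootKey, "svc.example.test", false)
	println(verify(root, leaf, "svc.example.test") == nil) // true
}
```

Signing with a non-CA certificate still produces a cryptographically valid signature; only chain verification rejects it, so a relying party has to run the full verification rather than a bare signature check.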
