Documentation
Overview
Package keysupport is used to generate self-signed keys for testing purposes.
This code was pulled and modified from the following resources:
- https://gist.github.com/shaneutt/5e1995295cff6721c89a71d13a71c251
- https://shaneutt.com/blog/golang-ca-and-signed-cert-go/
USAGE:
Use the hexaKeyTool command to call this routine.
    go run cmd/hexaKeyTool
This generates a CA cert/key pair and uses it to sign a server cert/key pair and a client cert/key pair.
Use these certs for tests such as websupport_test and orchestrator_test.
Index
- Constants
- func CheckCaInstalled(client *http.Client)
- type KeyConfig
- func (config *KeyConfig) CertDirExists() bool
- func (config *KeyConfig) GenerateClientKeys(keyPath, certPath string) (err error)
- func (config *KeyConfig) InitializeCa() error
- func (config *KeyConfig) InitializeKeys() (err error)
- func (config *KeyConfig) RootKeyExists() bool
- func (config *KeyConfig) ServerCertExists() bool
Constants
const (
	EnvCertOrg       string = "HEXA_CERT_ORG"
	EnvCertCountry   string = "HEXA_CERT_COUNTRY"
	EnvCertProv      string = "HEXA_CERT_PROV"
	EnvCertLocality  string = "HEXA_CERT_LOCALITY"
	EnvCertCaPrivKey string = "HEXA_CA_KEYFILE" // The location of a private key used to generate server keys
	EnvCertCaPubKey  string = "HEXA_CA_CERT"
	EnvCertDirectory string = "HEXA_CERT_DIRECTORY" // The location where keys are stored.
	EnvServerCert    string = "HEXA_SERVER_CERT"
	EnvServerKey     string = "HEXA_SERVER_KEY_PATH"
	EnvServerDNS     string = "HEXA_SERVER_DNS_NAME"
	EnvAutoCreate    string = "HEXA_AUTO_SELFSIGN"
)
Functions
func CheckCaInstalled
func CheckCaInstalled(client *http.Client)
CheckCaInstalled checks whether a CA certificate has been installed in the given http.Client or, if the client is nil, in the system cert pool.
Types
type KeyConfig
type KeyConfig struct {
	CaKeyFile      string // The file containing a PEM encoded PKCS1 private key
	CaCertFile     string
	CaPrivKey      *rsa.PrivateKey
	CertDir        string // This is the directory where generated keys are output
	PkixName       pkix.Name
	ServerCertPath string
	ServerKeyPath  string
	CaConfig       *x509.Certificate
	// contains filtered or unexported fields
}
func GetKeyConfig
func GetKeyConfig() KeyConfig
GetKeyConfig reads environment variables and sets up the configuration parameters in a KeyConfig struct. Note that if no environment variables are set, the default directory is the current directory plus "./.certs". When running in docker-compose, HEXA_CERT_DIRECTORY should be set at a minimum.
func (*KeyConfig) CertDirExists
func (config *KeyConfig) CertDirExists() bool
func (*KeyConfig) GenerateClientKeys
func (config *KeyConfig) GenerateClientKeys(keyPath, certPath string) (err error)
func (*KeyConfig) InitializeCa (added in v0.6.15)
func (config *KeyConfig) InitializeCa() error
func (*KeyConfig) InitializeKeys
func (config *KeyConfig) InitializeKeys() (err error)
InitializeKeys creates a set of self-signed keys and writes them out to the directory in KeyConfig.CertDir. This includes:
- Certificate Authority certificate and key (ca-cert/ca-key)
- Server certificate (server-cert.pem) and key (server-key.pem)
- Client certificate (client-cert.pem) and key (client-key.pem)
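The CA-signs-server-certificate flow described above, and the effect of the CA being present in or absent from the trust pool, as an added example built only on the Go standard library; it is not code from the keysupport package. The names must, issue and verifyServer and the host hexa.example.test are assumptions made for illustration, and everything is kept in memory rather than written to a cert directory.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// must panics on error; tolerable here because this only builds throwaway test fixtures.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue makes an RSA key and a certificate from tmpl; a nil parent means self-signed (the CA).
func issue(tmpl, parent *x509.Certificate, parentKey *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey) {
	key := must(rsa.GenerateKey(rand.Reader, 2048))
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey))
	return must(x509.ParseCertificate(der)), key
}

// verifyServer signs a cert for dnsName with a constructed CA and verifies it for checkName; trustCA puts that CA in the root pool.
func verifyServer(dnsName, checkName string, trustCA bool) error {
	from, to := time.Now().Add(-time.Minute), time.Now().Add(time.Hour)
	ca, caKey := issue(&x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Constructed Test CA"},
		NotBefore: from, NotAfter: to, IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}, nil, nil)
	srv, _ := issue(&x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: dnsName},
		DNSNames: []string{dnsName}, NotBefore: from, NotAfter: to, KeyUsage: x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}}, ca, caKey)
	roots := x509.NewCertPool() // non-nil, so the system pool is never consulted
	if trustCA {
		roots.AddCert(ca)
	}
	_, err := srv.Verify(x509.VerifyOptions{Roots: roots, DNSName: checkName})
	return err
}

func main() {
	fmt.Println("CA trusted:    ", verifyServer("hexa.example.test", "hexa.example.test", true))
	fmt.Println("CA not trusted:", verifyServer("hexa.example.test", "hexa.example.test", false))
}
```

A test that passes only after it disables verification (for example with InsecureSkipVerify) is exercising neither the CA nor the server name; adding the test CA to the client's root pool keeps both checks active.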