scepserver

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 17, 2017 License: MIT Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DecodeSCEPResponse 

func DecodeSCEPResponse(ctx context.Context, r *http.Response) (interface{}, error)

DecodeSCEPResponse decodes a SCEP response

func EncodeSCEPRequest 

func EncodeSCEPRequest(ctx context.Context, r *http.Request, request interface{}) error

EncodeSCEPRequest encodes a SCEP http request

func ServiceHandler 

func ServiceHandler(ctx context.Context, svc Service, logger kitlog.Logger) http.Handler

ServiceHandler is an HTTP Handler for a SCEP endpoint.

Types

type SCEPRequest 

type SCEPRequest struct {
	Operation string
	Message   []byte
	Err       error // request error
}

SCEPRequest is a SCEP server request.

type SCEPResponse 

type SCEPResponse struct {
	CACertNum int //chain
	Data      []byte
	Err       error // response error
}

SCEPResponse is a SCEP server response. Business errors will be encoded as a CertRep message with pkiStatus FAILURE and a failInfo attribute.

type Service 

type Service interface {
	// GetCACaps returns a list of options
	// which are supported by the server.
	GetCACaps(ctx context.Context) ([]byte, error)

	// GetCACert returns CA certificate or
	// a CA certificate chain with intermediates
	// in a PKCS#7 Degenerate Certificates format
	GetCACert(ctx context.Context) ([]byte, int, error)

	// PKIOperation handles incoming SCEP messages such as PKCSReq and
	// sends back a CertRep PKIMessag.
	PKIOperation(ctx context.Context, msg []byte) ([]byte, error)

	// GetNextCACert returns a replacement certificate or certificate chain
	// when the old one expires. The response format is a PKCS#7 Degenerate
	// Certificates type.
	GetNextCACert(ctx context.Context) ([]byte, error)
}

Service is the interface for all supported SCEP server operations.

func NewLoggingService 

func NewLoggingService(logger log.Logger, s Service) Service

NewLoggingService creates adds logging to the SCEP service

func NewService 

func NewService(depot depot.Depot, opts ...ServiceOption) (Service, error)

NewService creates a new scep service

type ServiceOption 

type ServiceOption func(*service) error

ServiceOption is a server configuration option

func AllowRenewal 

func AllowRenewal(duration int) ServiceOption

allowRenewal sets the days before expiry which we are allowed to renew (optional)

func CAKeyPassword 

func CAKeyPassword(pw []byte) ServiceOption

CAKeyPassword is an optional argument to NewService for specifying the CA private key password.

func ChallengePassword 

func ChallengePassword(pw string) ServiceOption

ChallengePassword is an optional argument to NewService which allows setting a preshared key for SCEP.

func ClientValidity 

func ClientValidity(duration int) ServiceOption

ClientValidity sets the validity of signed client certs in days (optional parameter)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.