Documentation ¶
Index ¶
- func CommonNameForCertificate(crt *v1alpha1.Certificate) string
- func DNSNamesForCertificate(crt *v1alpha1.Certificate) []string
- func DecodeDERCertificateBytes(derBytes []byte) (*x509.Certificate, error)
- func DecodePKCS1PrivateKeyBytes(keyBytes []byte) (*rsa.PrivateKey, error)
- func DecodeX509CertificateBytes(certBytes []byte) (*x509.Certificate, error)
- func EncodeCSR(template *x509.CertificateRequest, key interface{}) ([]byte, error)
- func EncodePKCS1PrivateKey(pk *rsa.PrivateKey) []byte
- func GenerateCSR(issuer v1alpha1.GenericIssuer, crt *v1alpha1.Certificate) (*x509.CertificateRequest, error)
- func GenerateRSAPrivateKey(keySize int) (*rsa.PrivateKey, error)
- func GenerateTemplate(issuer v1alpha1.GenericIssuer, crt *v1alpha1.Certificate, serialNo *big.Int) (*x509.Certificate, error)
- func PublicKeyMatchesCertificate(check crypto.PublicKey, crt *x509.Certificate) (bool, error)
- func SignCertificate(template *x509.Certificate, issuerCert *x509.Certificate, ...) ([]byte, *x509.Certificate, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CommonNameForCertificate ¶
func CommonNameForCertificate(crt *v1alpha1.Certificate) string
func DNSNamesForCertificate ¶
func DNSNamesForCertificate(crt *v1alpha1.Certificate) []string
func DecodeDERCertificateBytes ¶
func DecodeDERCertificateBytes(derBytes []byte) (*x509.Certificate, error)
func DecodePKCS1PrivateKeyBytes ¶
func DecodePKCS1PrivateKeyBytes(keyBytes []byte) (*rsa.PrivateKey, error)
func DecodeX509CertificateBytes ¶
func DecodeX509CertificateBytes(certBytes []byte) (*x509.Certificate, error)
func EncodeCSR ¶ added in v0.4.0
func EncodeCSR(template *x509.CertificateRequest, key interface{}) ([]byte, error)
func EncodePKCS1PrivateKey ¶
func EncodePKCS1PrivateKey(pk *rsa.PrivateKey) []byte
func GenerateCSR ¶
func GenerateCSR(issuer v1alpha1.GenericIssuer, crt *v1alpha1.Certificate) (*x509.CertificateRequest, error)
func GenerateRSAPrivateKey ¶
func GenerateRSAPrivateKey(keySize int) (*rsa.PrivateKey, error)
func GenerateTemplate ¶ added in v0.4.0
func GenerateTemplate(issuer v1alpha1.GenericIssuer, crt *v1alpha1.Certificate, serialNo *big.Int) (*x509.Certificate, error)
GenerateTemplate will create a x509.Certificate for the given Certificate resource. This should create a Certificate template that is equivalent to the CertificateRequest generated by GenerateCSR. The PublicKey field must be populated by the caller.
func PublicKeyMatchesCertificate ¶ added in v0.4.1
PublicKeyMatchesCertificate can be used to verify the given public key is the correct counter-part to the given x509 Certificate. It will return false and no error if the public key is *not* valid for the given Certificate. It will return true if the public key *is* valid for the given Certificate. It will return an error if either of the passed parameters are of an unrecognised type (i.e. non RSA/ECDSA)
func SignCertificate ¶ added in v0.4.0
func SignCertificate(template *x509.Certificate, issuerCert *x509.Certificate, publicKey interface{}, signerKey interface{}) ([]byte, *x509.Certificate, error)
SignCertificate returns a signed x509.Certificate object for the given *v1alpha1.Certificate crt. publicKey is the public key of the signee, and signerKey is the private key of the signer.
Types ¶
This section is empty.