ca

package
v0.0.0-...-a6744e1
Warning

This package is not in the latest version of its module.
Published: Aug 14, 2018 | License: GPL-3.0 | Imports: 1 | Imported by: 2

Documentation

Overview

Package ca provides a common interface for upstream providers of certificate authority services that can be used to get new end-use certificates.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CertAuthorizer

type CertAuthorizer interface {
	// Authorize takes the names authorized for the cert and a signature by
	// the control key over those names.  The function returns a byte-string
	// that is signed by the new public key as proof of authorization in the
	// 'Register' function.
	Authorize(names []string, sig []byte) ([]byte, error)

	// Register takes the authorization byte-string, the public key for the
	// new certificate, and the signature of the authorization string using
	// the new private-key and returns the new certificate.  The server must
	// validate both the authorization token (valid and not used) and the
	// signature (corresponds to the presented public key).
	Register(auth, pub, sig []byte) ([]byte, error)

	// Renew uses an existing certificate to get a new certificate for the
	// same domain names.  The private key of the old certificate is used to
	// sign the new public key.  The server is able to validate the signature
	// and authorized domain names by using the serial to look it up in its
	// local database.  Upon granting the new certificate, the server must
	// revoke the old certificate.
	Renew(oldCertSerial, pub, sig []byte) ([]byte, error)

	// Revoke uses the control key to revoke an existing certificate by its
	// serial in hex format.  The server must validate the signature of the
	// control key before revoking the certificate.
	Revoke(serial, sig []byte) error

	// CertBySerial returns the DER encoded certificate with the matching
	// serial number.  Returns an appropriate error if it is invalid,
	// expired, or non-existent.
	CertBySerial(big.Int) ([]byte, error)

	// CertByName returns the DER encoded certificate with the matching
	// common name.  Returns an appropriate error if it is invalid, expired,
	// or non-existent.
	CertByName(string) ([]byte, error)

	// RootCert returns the root certificate in DER encoding.
	RootCert() ([]byte, error)

	// CRL returns a CRL that is currently valid.
	CRL() ([]byte, error)
}
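
The Authorize/Register contract above, sketched as an added example (not code from this package or its local implementation): a hypothetical in-memory `authServer` that enforces the two checks the Register comment requires. It assumes Ed25519 keys, a 32-byte random token and newline-joined names as the signed message, and it returns the authorized names where a real CA would return the certificate.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"strings"
)

// authServer is a hypothetical in-memory server; Ed25519 and the token format are assumptions.
type authServer struct {
	control ed25519.PublicKey   // control key that may authorize names
	pending map[string][]string // unused token -> names it authorizes
}

// Authorize verifies the control-key signature over names, then issues a random token.
func (s *authServer) Authorize(names []string, sig []byte) ([]byte, error) {
	if !ed25519.Verify(s.control, []byte(strings.Join(names, "\n")), sig) {
		return nil, fmt.Errorf("bad control-key signature")
	}
	tok := make([]byte, 32)
	if _, err := rand.Read(tok); err != nil {
		return nil, err
	}
	s.pending[string(tok)] = names
	return tok, nil
}

// Register returns the authorized names (standing in for the certificate) after both checks.
func (s *authServer) Register(auth, pub, sig []byte) ([]string, error) {
	names, ok := s.pending[string(auth)]
	if !ok {
		return nil, fmt.Errorf("token unknown or already used")
	}
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, auth, sig) {
		return nil, fmt.Errorf("signature does not match public key")
	}
	delete(s.pending, string(auth)) // spend the token so it cannot be replayed
	return names, nil
}

func main() { // client side, using constructed keys and names
	ctrlPub, ctrlPriv, _ := ed25519.GenerateKey(rand.Reader)
	srv := &authServer{control: ctrlPub, pending: map[string][]string{}}
	names := []string{"example.test", "www.example.test"}
	tok, _ := srv.Authorize(names, ed25519.Sign(ctrlPriv, []byte(strings.Join(names, "\n"))))
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	fmt.Println(srv.Register(tok, pub, ed25519.Sign(priv, tok))) // first use: accepted
	fmt.Println(srv.Register(tok, pub, ed25519.Sign(priv, tok))) // replay: rejected
}
```

The length check in Register matters because `ed25519.Verify` panics on a public key of the wrong size, so a malformed `pub` from a client must be rejected before verification.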

Directories

Path Synopsis
Package local provides a basic implementation for a minimal certificate authority implemented in Go.
