Documentation
¶
Index ¶
- Constants
- func EncodeCertPEM(cert *x509.Certificate) []byte
- func EncodePublicKeyPEM(key crypto.PublicKey) ([]byte, error)
- func GetSSHKeyPair(bits int) (PriKey, PubKey string, err error)
- func LoadCaCertAndKeyFromDisk(cfg Config) (*x509.Certificate, crypto.Signer, error)
- func NewCaCertAndKey(cfg Config) (*x509.Certificate, crypto.Signer, error)
- func NewCaCertAndKeyFromRoot(cfg Config, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, crypto.Signer, error)
- func NewPrivateKey(keyType x509.PublicKeyAlgorithm) (crypto.Signer, error)
- func NewSelfSignedCACert(key crypto.Signer, commonName string, organization []string, ...) (*x509.Certificate, error)
- func NewSignedCert(cfg Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)
- func RsaDecrypt(ciphertext []byte, privateKey []byte) ([]byte, error)
- func RsaEncrypt(origData []byte, publicKey []byte) ([]byte, error)
- func TryLoadKeyFromDisk(pkiPath string) (crypto.Signer, error)
- func WriteCert(pkiPath, name string, cert *x509.Certificate) error
- func WriteCertAndKey(pkiPath string, name string, cert *x509.Certificate, key crypto.Signer) error
- func WriteKey(pkiPath, name string, key crypto.Signer) error
- func WritePublicKey(pkiPath, name string, key crypto.PublicKey) error
- type AltNames
- type Config
Constants ¶
const ( // PrivateKeyBlockType is a possible value for pem.Block.Type. PrivateKeyBlockType = "PRIVATE KEY" // PublicKeyBlockType is a possible value for pem.Block.Type. PublicKeyBlockType = "PUBLIC KEY" // CertificateBlockType is a possible value for pem.Block.Type. CertificateBlockType = "CERTIFICATE" // RSAPrivateKeyBlockType is a possible value for pem.Block.Type. RSAPrivateKeyBlockType = "RSA PRIVATE KEY" )
Variables ¶
This section is empty.
Functions ¶
func EncodeCertPEM ¶
func EncodeCertPEM(cert *x509.Certificate) []byte
EncodeCertPEM returns PEM-endcoded certificate data
func EncodePublicKeyPEM ¶
EncodePublicKeyPEM returns PEM-encoded public data
func GetSSHKeyPair ¶
func LoadCaCertAndKeyFromDisk ¶
LoadCaCertAndKeyFromDisk load ca cert and key form disk.
func NewCaCertAndKey ¶
NewCaCertAndKey Create as ca.
func NewCaCertAndKeyFromRoot ¶
func NewCaCertAndKeyFromRoot(cfg Config, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, crypto.Signer, error)
NewCaCertAndKeyFromRoot cmd/kubeadm/app/util/pkiutil/pki_helpers.go NewCertAndKey
func NewPrivateKey ¶
func NewPrivateKey(keyType x509.PublicKeyAlgorithm) (crypto.Signer, error)
NewPrivateKey creates an RSA private key
func NewSelfSignedCACert ¶
func NewSelfSignedCACert(key crypto.Signer, commonName string, organization []string, year time.Duration) (*x509.Certificate, error)
NewSelfSignedCACert creates a CA certificate
func NewSignedCert ¶
func NewSignedCert(cfg Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)
NewSignedCert creates a signed certificate using the given CA certificate and key
func TryLoadKeyFromDisk ¶
TryLoadKeyFromDisk tries to load the key from the disk and validates that it is valid
func WriteCert ¶
func WriteCert(pkiPath, name string, cert *x509.Certificate) error
WriteCert stores the given certificate at the given location
func WriteCertAndKey ¶
WriteTofile WriteCertAndKey stores certificate and key at the specified location
Types ¶
type AltNames ¶
AltNames contains the domain names and IP addresses that will be added to the API Server's x509 certificate SubAltNames field. The values will be passed directly to the x509.Certificate object.
type Config ¶
type Config struct {
Path string // Writeto Dir
BaseName string // Writeto file name
CAName string // root ca map key
CommonName string
Organization []string
Year time.Duration
AltNames AltNames
Usages []x509.ExtKeyUsage
}
Config contains the basic fields required for creating a certificate
Source Files