secrets

package
v1.0.21 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 28, 2022 License: MPL-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CAImport

// CAImport is a JSON-tagged pair of a PEM bundle and a TTL; judging by its
// name it is the request body used when importing an existing CA.
type CAImport struct {
	// PEMBundle is PEM text carried under the "pem_bundle" key.
	// NOTE(review): presumably the bundle holds the CA certificate and
	// possibly its private key — confirm against the handler that decodes
	// it. If a key is included, treat the field as secret material and
	// keep it out of logs and error messages.
	PEMBundle string `json:"pem_bundle"`
	// TTL is an integer lifetime carried under the "ttl" key; the unit is
	// not stated in this listing — TODO confirm.
	TTL       int    `json:"ttl"`
}

type CAType

// CAType enumerates the kinds of CA this package distinguishes. It is an
// int, so values other than the two declared constants are representable;
// code that switches on a CAType should handle the unknown case explicitly.
type CAType int

// The numeric values are written out instead of being derived from iota so
// that adding or reordering a constant cannot silently renumber the others.
const (
	// DmsEnroller is the first CA kind (value 0).
	DmsEnroller CAType = 0
	// Pki is the second CA kind (value 1).
	Pki CAType = 1
)

func ParseCAType

// ParseCAType takes a string and returns a CAType and an error. Only the
// signature appears in this listing; the accepted spellings of s are defined
// in the body, which is not shown.
// NOTE(review): if s comes from a request path or query parameter, confirm
// that every unrecognised value produces an error rather than a default
// CAType, because the result selects which CA store is addressed.
func ParseCAType(s string) (CAType, error)

func (CAType) ToVaultPath

// ToVaultPath returns a string for the receiver c; judging by the name it is
// the Vault path segment that corresponds to this CA type — TODO confirm
// against the body, which is not shown in this listing.
// NOTE(review): CAType is an int, so values other than DmsEnroller and Pki
// can reach this method. Confirm what is returned for them; an empty or
// shared path would make different CA kinds address the same location.
func (c CAType) ToVaultPath() string

type Cert

// Cert is the JSON representation of a certificate as returned by the
// Secrets interface. The field comments speak of "the CA", but the same type
// is returned by GetIssuedCerts and GetCert, so it also describes issued
// certificates.
//
// NOTE(review): several fields are annotated "required: true" while their
// JSON tag carries omitempty, so an empty value is dropped from the encoded
// output; consumers should not rely on those keys being present.
type Cert struct {
	// The status of the CA
	// required: true
	// example: issued | expired
	Status string `json:"status,omitempty"`

	// The serial number of the CA
	// required: true
	// example: 7e:36:13:a5:31:9f:4a:76:10:64:2e:9b:0a:11:07:b7:e6:3e:cf:94
	SerialNumber string `json:"serial_number,omitempty"`

	// The name/alias of the CA
	// required: true
	// example: Lamassu-CA
	Name string `json:"name,omitempty"`

	// KeyMetadata describes the key: algorithm, bit length and a strength label.
	KeyMetadata PrivateKeyMetadataWithStregth `json:"key_metadata"`

	// Subject holds the subject name components.
	Subject Subject `json:"subject"`

	// CertContent holds the base64 certificate and public key, encoded
	// under the "certificate" key.
	CertContent CertContent `json:"certificate"`

	// Expiration period of the newly emitted CA
	// required: true
	// example: 262800h
	// NOTE(review): the example is a duration string, but the field is an
	// int; the unit of the integer is not stated here — TODO confirm.
	CaTTL int `json:"ca_ttl,omitempty"`

	// EnrollerTTL is an integer lifetime; unit not stated here — TODO confirm.
	EnrollerTTL int `json:"enroller_ttl,omitempty"`

	// ValidFrom and ValidTo bound the validity period as strings; the
	// timestamp format is not stated in this listing — TODO confirm.
	ValidFrom           string `json:"valid_from"`
	ValidTo             string `json:"valid_to"`
	// RevocationTimestamp is omitted from JSON when zero.
	// NOTE(review): presumably zero means "not revoked" and the value is a
	// Unix time — confirm the unit before comparing it with other times.
	RevocationTimestamp int64  `json:"revocation_timestamp,omitempty"`
}

type CertContent

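// CertContent holds the base64 text of a certificate and of its public key.
// Both values are public data; no private key material belongs here.
type CertContent struct {
	// CerificateBase64 is encoded as "pem_base64" and left out of the JSON
	// when empty. The tag options must be written without a space after the
	// comma: with ", omitempty" encoding/json does not recognise the option
	// and go vet reports the tag as malformed, so the key was always emitted.
	// The misspelt field name is kept because renaming it would break callers.
	CerificateBase64 string `json:"pem_base64,omitempty"`
	// PublicKeyBase64 is always encoded, under "public_key_base64".
	PublicKeyBase64 string `json:"public_key_base64"`
}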

type PrivateKey

// PrivateKey pairs a key value with a string naming its type. It is the
// privateKey argument of Secrets.ImportCA.
//
// NOTE(review): the fields are exported and carry no JSON tags, so passing
// this struct to encoding/json or a %+v log statement would emit the key
// under the name "Key". Keep values of this type out of encoders, loggers
// and error strings.
type PrivateKey struct {
	// Key holds the key itself as an untyped value.
	// NOTE(review): presumably an *rsa.PrivateKey or *ecdsa.PrivateKey
	// selected by KeyType — confirm against GetPEMString.
	Key     interface{}
	// KeyType names the algorithm of Key; the accepted values are not
	// shown in this listing.
	KeyType string
}

func (*PrivateKey) GetPEMString

// GetPEMString returns a string and an error; by its name the string is the
// PEM encoding of pk.Key. Only the signature appears in this listing.
// NOTE(review): the result is private key material in text form. Callers
// should hand it only to the secret store and must not log it, wrap it into
// an error, or return it in an API response.
func (pk *PrivateKey) GetPEMString() (string, error)

type PrivateKeyMetadata

// PrivateKeyMetadata describes a key by algorithm name and bit length. It is
// the privateKeyMetadata argument of Secrets.CreateCA, so the values are
// chosen by the caller.
//
// NOTE(review): no validation is visible in this listing. An implementation
// of CreateCA should reject unknown algorithms and undersized keys before
// generating anything.
type PrivateKeyMetadata struct {
	// Algorithm used to create CA key
	// required: true
	// example: RSA
	KeyType string `json:"type"`

	// Length used to create CA key
	// required: true
	// example: 4096
	KeyBits int `json:"bits"`
}

type PrivateKeyMetadataWithStregth

// PrivateKeyMetadataWithStregth repeats the fields of PrivateKeyMetadata and
// adds a strength label. It is the type of Cert.KeyMetadata. The misspelling
// in the type name ("Stregth") is part of the exported API and is kept.
type PrivateKeyMetadataWithStregth struct {
	// Algorithm used to create CA key
	// required: true
	// example: RSA
	KeyType string `json:"type"`

	// Length used to create CA key
	// required: true
	// example: 4096
	KeyBits int `json:"bits"`

	// Strength of the key used to create the CA
	// required: true
	// example: low
	// NOTE(review): how the label is derived from KeyType and KeyBits is
	// not shown here. Treat it as informational and base policy decisions
	// on the algorithm and bit length themselves.
	KeyStrength string `json:"strength"`
}

type Secrets

// Secrets is the contract a secret-engine backend implements to manage CAs
// and the certificates they issue. Every method takes a context first and a
// CAType that selects which kind of CA is addressed.
//
// NOTE(review): caName and serialNumber are plain strings. If an
// implementation builds a storage path from them, it should validate them
// first so a crafted name cannot address a different location.
type Secrets interface {
	// GetSecretProviderName returns the name of the backing provider.
	GetSecretProviderName(ctx context.Context) string

	// GetCAs returns the CAs of the given type.
	GetCAs(ctx context.Context, caType CAType) ([]Cert, error)
	// GetCA returns the CA named caName.
	GetCA(ctx context.Context, caType CAType, caName string) (Cert, error)
	// CreateCA creates a CA from caller-supplied key parameters, subject
	// and two integer TTLs (units not stated in this listing).
	CreateCA(ctx context.Context, caType CAType, caName string, privateKeyMetadata PrivateKeyMetadata, subject Subject, caTTL int, enrollerTTL int) (Cert, error)
	// ImportCA registers an existing certificate together with its private
	// key. The key crosses this boundary in the clear, so implementations
	// should not log the privateKey argument.
	ImportCA(ctx context.Context, caType CAType, caName string, certificate x509.Certificate, privateKey PrivateKey, enrollerTTL int) (Cert, error)
	// DeleteCA removes the CA named caName.
	// NOTE(review): whether this revokes or erases is not shown — confirm.
	DeleteCA(ctx context.Context, caType CAType, caName string) error

	// GetIssuedCerts returns the certificates issued by the named CA.
	GetIssuedCerts(ctx context.Context, caType CAType, caName string) ([]Cert, error)
	// GetCert returns one issued certificate, looked up by serial number.
	GetCert(ctx context.Context, caType CAType, caName string, serialNumber string) (Cert, error)
	// DeleteCert removes one issued certificate by serial number.
	// NOTE(review): whether this revokes or erases is not shown — confirm.
	DeleteCert(ctx context.Context, caType CAType, caName string, serialNumber string) error

	// SignCertificate signs csr with the named CA and returns a string,
	// presumably the issued certificate — TODO confirm the encoding.
	// NOTE(review): signVerbatim presumably asks the backend to sign the
	// request as submitted, without constraining its subject or
	// extensions — confirm. If so, it should be set only for requests
	// whose contents were already authorised. The parameter name CAcaName
	// looks like a typo for caName.
	SignCertificate(ctx context.Context, caType CAType, CAcaName string, csr *x509.CertificateRequest, signVerbatim bool) (string, error)
}

type Subject

// Subject carries the components of a certificate subject name as free-form
// strings. It is an argument of Secrets.CreateCA and a field of Cert.
//
// NOTE(review): "required: true" is an annotation only; the type itself
// accepts empty strings. Code that builds a certificate from caller-supplied
// values should check presence and length before use.
type Subject struct {
	// Common name of the CA certificate
	// required: true
	// example: Lamassu-Root-CA1-RSA4096
	CN string `json:"common_name"`

	// Organization of the CA certificate
	// required: true
	// example: Lamassu IoT
	O string `json:"organization"`

	// Organization Unit of the CA certificate
	// required: true
	// example: Lamassu IoT department 1
	OU string `json:"organization_unit"`

	// Country Name of the CA certificate
	// required: true
	// example: ES
	C string `json:"country"`

	// State of the CA certificate
	// required: true
	// example: Guipuzcoa
	ST string `json:"state"`

	// Locality of the CA certificate
	// required: true
	// example: Arrasate
	L string `json:"locality"`
}
