core

package

v2.6.0 Latest Latest Go to latest Published: May 31, 2024 License: MPL-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/letsencrypt/pebble

Links

Open Source Insights

Documentation ¶

Index ¶

type Account
type Authorization
type CertID
- func NewCertID(serial []byte, akid []byte) (*CertID, error)
- func (c CertID) SerialHex() string
type Certificate
- func (c Certificate) Chain(no int) []byte
- func (c Certificate) PEM() []byte
type Challenge
- func (ch *Challenge) ExpectedKeyAuthorization(key *jose.JSONWebKey) string
type Order
- func (o *Order) GetStatus() (string, error)
type RenewalInfo
- func RenewalInfoImmediate(now time.Time) *RenewalInfo
- func RenewalInfoSimple(issued time.Time, expires time.Time) *RenewalInfo
type RevokedCertificate
type SuggestedWindow
- func (window SuggestedWindow) IsWithin(now time.Time) bool
type ValidationRecord

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Account ¶

type Account struct {
	acme.Account
	Key *jose.JSONWebKey `json:"key"`
	ID  string           `json:"-"`
}

type Authorization ¶

type Authorization struct {
	sync.RWMutex
	acme.Authorization
	ID          string
	URL         string
	ExpiresDate time.Time
	Order       *Order
	Challenges  []*Challenge
}

type CertID ¶ added in v2.6.0

type CertID struct {
	KeyIdentifier []byte
	SerialNumber  *big.Int
	// contains filtered or unexported fields
}

CertID represents a unique identifier (CertID) for a certificate as per the ACME protocol's "renewalInfo" resource, as specified in draft-ietf-acme-ari- 03. The CertID is a composite string derived from the base64url-encoded keyIdentifier of the certificate's Authority Key Identifier (AKI) and the base64url-encoded serial number of the certificate, separated by a period. For more details see: https://datatracker.ietf.org/doc/html/draft-ietf-acme-ari-02#section-4.1.

func NewCertID ¶ added in v2.6.0

func NewCertID(serial []byte, akid []byte) (*CertID, error)

NewCertID takes bytes representing a serial number and authority key identifier and returns a CertID or an error.

func (CertID) SerialHex ¶ added in v2.6.0

func (c CertID) SerialHex() string

SerialHex returns a CertID's id field.

type Certificate ¶

type Certificate struct {
	ID           string
	Cert         *x509.Certificate
	DER          []byte
	IssuerChains [][]*Certificate
	AccountID    string
}

func (Certificate) Chain ¶

func (c Certificate) Chain(no int) []byte

func (Certificate) PEM ¶

func (c Certificate) PEM() []byte

type Challenge ¶

type Challenge struct {
	sync.RWMutex
	acme.Challenge
	ID            string
	Authz         *Authorization
	ValidatedDate time.Time
}

func (*Challenge) ExpectedKeyAuthorization ¶

func (ch *Challenge) ExpectedKeyAuthorization(key *jose.JSONWebKey) string

type Order ¶

type Order struct {
	sync.RWMutex
	acme.Order
	ID                   string
	AccountID            string
	Names                []string
	ParsedCSR            *x509.CertificateRequest
	ExpiresDate          time.Time
	AuthorizationObjects []*Authorization
	BeganProcessing      bool
	CertificateObject    *Certificate
	// Indicates if the finalized order has been successfully replaced via ARI.
	IsReplaced bool
}

func (*Order) GetStatus ¶

func (o *Order) GetStatus() (string, error)

type RenewalInfo ¶ added in v2.6.0

type RenewalInfo struct {
	SuggestedWindow SuggestedWindow `json:"suggestedWindow"`
}

RenewalInfo is a type which is exposed to clients which query the renewalInfo endpoint specified in draft-aaron-ari.

func RenewalInfoImmediate ¶ added in v2.6.0

func RenewalInfoImmediate(now time.Time) *RenewalInfo

RenewalInfoImmediate constructs a `RenewalInfo` object with a suggested window in the past. Per the draft-ietf-acme-ari-01 spec, clients should attempt to renew immediately if the suggested window is in the past. The passed `now` is assumed to be a timestamp representing the current moment in time.

func RenewalInfoSimple ¶ added in v2.6.0

func RenewalInfoSimple(issued time.Time, expires time.Time) *RenewalInfo

RenewalInfoSimple constructs a `RenewalInfo` object and suggested window using a very simple renewal calculation: calculate a point 2/3rds of the way through the validity period, then give a 2-day window around that. Both the `issued` and `expires` timestamps are expected to be UTC.

type RevokedCertificate ¶

type RevokedCertificate struct {
	Certificate *Certificate
	RevokedAt   time.Time
	Reason      *uint
}

RevokedCertificate is a certificate together with information about its revocation.

type SuggestedWindow ¶ added in v2.6.0

type SuggestedWindow struct {
	Start time.Time `json:"start"`
	End   time.Time `json:"end"`
}

SuggestedWindow is a type exposed inside the RenewalInfo resource.

func (SuggestedWindow) IsWithin ¶ added in v2.6.0

func (window SuggestedWindow) IsWithin(now time.Time) bool

IsWithin returns true if the given time is within the suggested window, inclusive of the start time and exclusive of the end time.

type ValidationRecord ¶

type ValidationRecord struct {
	URL         string
	Error       *acme.ProblemDetails
	ValidatedAt time.Time
}

Source Files ¶

View all Source files

types.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL