cert

package
v1.0.0 Latest
Warning

This package is not in the latest version of its module.

Published: Jun 3, 2024 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func EncodeCertPEM

func EncodeCertPEM(ct *x509.Certificate) []byte

EncodeCertPEM returns PEM-encoded certificate data

func EncodePrivateKeyPEM

func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte

EncodePrivateKeyPEM returns PEM-encoded private key data

func NewPrivateKey

func NewPrivateKey() (*rsa.PrivateKey, error)

NewPrivateKey creates an RSA private key

func NewSignedCert

func NewSignedCert(cfg cert.Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)

NewSignedCert creates a signed certificate using the given CA certificate and key

func ValidCACert

func ValidCACert(key, cert, caCert []byte, dnsName string, time time.Time) bool

ValidCACert considers cert and key valid if they meet the following requirements:
- key and cert are a valid pair
- caCert is the root CA of cert
- cert is for dnsName
- cert won't expire before time
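
The four requirements listed for ValidCACert map onto Go's standard library. The following is an added example, not this package's source: `checkServingCert` and `issue` are hypothetical names, the `*.example.test` names and certificates are constructed sample data, and it returns an error rather than a bool so the failing requirement is visible.

```go
package main
import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// checkServingCert (hypothetical name) returns nil only when all four listed requirements hold.
func checkServingCert(key, cert, caCert []byte, dnsName string, at time.Time) error {
	pair, err := tls.X509KeyPair(cert, key) // 1. key and cert are a valid pair
	if err != nil {
		return err
	}
	leaf, err := x509.ParseCertificate(pair.Certificate[0])
	if err != nil {
		return err
	}
	roots := x509.NewCertPool()
	roots.AppendCertsFromPEM(caCert) // an unparsable caCert leaves the pool empty, so Verify fails
	_, err = leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: dnsName, CurrentTime: at}) // 2. chain, 3. name, 4. time
	return err
}

// issue builds constructed sample data (errors ignored): a 365-day RSA cert, a self-signed CA if ca is nil.
func issue(name string, ca *x509.Certificate, caKey *rsa.PrivateKey) (certPEM, keyPEM []byte, c *x509.Certificate, k *rsa.PrivateKey) {
	k, _ = rsa.GenerateKey(rand.Reader, 2048)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().AddDate(0, 0, 365), DNSNames: []string{name}}
	if ca == nil {
		t.IsCA, t.BasicConstraintsValid, t.KeyUsage = true, true, x509.KeyUsageCertSign
		ca, caKey = t, k
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, ca, &k.PublicKey, caKey)
	c, _ = x509.ParseCertificate(der)
	certPEM = pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
	keyPEM = pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(k)})
	return
}

func main() {
	caPEM, _, ca, caKey := issue("ca.example.test", nil, nil)
	certPEM, keyPEM, _, _ := issue("webhook.example.test", ca, caKey)
	fmt.Println(checkServingCert(keyPEM, certPEM, caPEM, "webhook.example.test", time.Now()))
}
```

Passing a future instant as `at` turns the expiry requirement into a renewal check: a certificate that would lapse before that moment is rejected now. Because Verify applies CurrentTime to the whole chain, a CA certificate that expires before `at` fails the check as well.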

Types

type Artifacts

type Artifacts struct {
	// PEM encoded private key
	Key []byte
	// PEM encoded serving certificate
	Cert []byte
	// PEM encoded CA private key
	CAKey []byte
	// PEM encoded CA certificate
	CACert []byte
	// Resource version of the certs
	ResourceVersion string
}

Artifacts hosts a private key, its corresponding serving certificate and the CA certificate that signs the serving certificate.

type Generator

type Generator interface {
	// Generate returns an Artifacts struct.
	Generate(CommonName string) (*Artifacts, error)
	// SetCA sets the PEM-encoded CA private key and CA cert for signing the generated serving cert.
	SetCA(caKey, caCert []byte)
}

Generator is an interface to provision the serving certificate.

type SelfSignedCertGenerator

type SelfSignedCertGenerator struct {
	// contains filtered or unexported fields
}

func (*SelfSignedCertGenerator) Generate

func (cp *SelfSignedCertGenerator) Generate(commonName string) (*Artifacts, error)

Generate creates and returns a CA certificate together with a certificate and key for the server or client. The server or client uses Key and Cert to establish trust with others; the client or server uses the CA certificate to verify the other's authentication chain. The cert will be valid for 365 days.

func (*SelfSignedCertGenerator) SetCA

func (cp *SelfSignedCertGenerator) SetCA(caKey, caCert []byte)

SetCA sets the PEM-encoded CA private key and CA cert for signing the generated serving cert.
