Documentation ¶
Index ¶
- Constants
- Variables
- func GenCAPrivateKey(filename string) (caKey *rsa.PrivateKey, caKeyBytes []byte, err error)
- func GenRSAPrivateKey() (key *rsa.PrivateKey, err error)
- func NewSelfSignedCACert(caKey *rsa.PrivateKey, cn string) (*x509.Certificate, error)
- func NewSignedCert(privKey *rsa.PrivateKey, caKeyPair *KeyPair, cn, o string, dns, ips []string, ...) (*x509.Certificate, error)
- func SelfSignedCACert(filename string, caKey *rsa.PrivateKey, cn string) (*x509.Certificate, []byte, error)
- func SignedCert(privKey *rsa.PrivateKey, caKeyPair *KeyPair, cn, o string, dns, ips []string, ...) (*x509.Certificate, []byte, error)
- type KeyPair
- func Load(baseCertsDir, name, cn string) (*KeyPair, error)
- func NewCAKeyPair(fromCAKeyPair *KeyPair, baseCertsDir, name, cn string) (*KeyPair, error)
- func NewEmptyKeyPair(baseCertsDir, name, cn, o string, dns, ips []string, ...) *KeyPair
- func NewKeyPair(baseCertsDir, name, cn, o string, dns, ips []string, caKeyPair *KeyPair, ...) (*KeyPair, error)
- func (kp *KeyPair) GenCAKeyPair(fromCAKeyPair *KeyPair) error
- func (kp *KeyPair) GenKeyPair(caKeyPair *KeyPair) error
- func (kp *KeyPair) Load() error
- func (kp *KeyPair) NewFilenames(baseCertsDir, name string) (prevKeyFile string, prevCertFile string)
- func (kp *KeyPair) PEMEncodeCert() []byte
- func (kp *KeyPair) PEMEncodePrivateKey() []byte
- func (kp *KeyPair) SaveCertificate(overwrite bool) error
- func (kp *KeyPair) SavePrivateKey(overwrite bool) error
- type KeyPairs
Constants ¶
// Constants used to create the certificate.
//
// NOTE(review): Duration is expressed in days and, judging by its name and the
// inline comment, is presumably the certificate validity period; confirm
// against the code that builds the x509 template. A 10-year lifetime is long
// for non-CA certificates, so deployments that rely on it need a rotation and
// revocation plan.
const (
	Duration           = 3650 // 10 years = 3650 days
	OrganizationalUnit = "KubeKit"
	Organization       = "LifeRaft"
	Locality           = "San Diego"
	Province           = "California"
	Country            = "US"
)
Constants used to create the certificate
// EnvCAKeyPassword is the name of the environment variable that carries the
// CA key password.
//
// NOTE(review): values passed through the environment are inherited by child
// processes and can show up in process inspection and crash dumps; keep the
// variable scoped to the process that needs it and unset it afterwards.
const EnvCAKeyPassword = "KUBEKIT_CA_KEY_PASSWORD"
EnvCAKeyPassword is the name of the environment variable that stores the password used to encrypt the provided CA Key file.
Variables ¶
// Default DNS names and IP addresses to include in the certificates.
//
// NOTE(review): both slices are exported, mutable package-level variables, so
// any importing package can change them at run time. Presumably they are added
// to the subject alternative names of issued certificates; confirm against the
// signing code and treat writes to them as security-relevant.
var (
	GenericDNSNames = []string{
		"localhost",
	}
	GenericIPAddresses = []string{
		"127.0.0.1",
	}
)
Temporary: DNS names and IP addresses to include in the certificates.
Functions ¶
func GenCAPrivateKey ¶
func GenCAPrivateKey(filename string) (caKey *rsa.PrivateKey, caKeyBytes []byte, err error)
GenCAPrivateKey generates a CA RSA Key or returns the CA Key read from the given filename. The file (if provided) should contain a PEM-encoded CA RSA Key.
func GenRSAPrivateKey ¶
func GenRSAPrivateKey() (key *rsa.PrivateKey, err error)
GenRSAPrivateKey generates an RSA private key. The key size is not stated on this page.
func NewSelfSignedCACert ¶
func NewSelfSignedCACert(caKey *rsa.PrivateKey, cn string) (*x509.Certificate, error)
NewSelfSignedCACert creates a Self Signed CA Certificate with a given CA Private Key and a Common Name
func NewSignedCert ¶
func NewSignedCert(privKey *rsa.PrivateKey, caKeyPair *KeyPair, cn, o string, dns, ips []string, extKeyUsage []x509.ExtKeyUsage) (*x509.Certificate, error)
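NewSignedCert creates a Self Signed Certificate with a given private key, the CA key pair (key and cert) and a Common Name. Note: a certificate issued with a CA key pair is CA-signed rather than self-signed; the caKeyPair parameter suggests the former, so "Self Signed" here is likely a wording slip that should be confirmed against the implementation.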
func SelfSignedCACert ¶
func SelfSignedCACert(filename string, caKey *rsa.PrivateKey, cn string) (*x509.Certificate, []byte, error)
SelfSignedCACert generates a CA x509 Certificate from a CA RSA Key or returns the CA x509 Certificate read from the given filename. The file (if provided) should contain a PEM-encoded CA x509 Certificate.
func SignedCert ¶
func SignedCert(privKey *rsa.PrivateKey, caKeyPair *KeyPair, cn, o string, dns, ips []string, extKeyUsage []x509.ExtKeyUsage) (*x509.Certificate, []byte, error)
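SignedCert generates a Self Signed Certificate and also returns the PEM decoded bytes. (As with NewSignedCert, the caKeyPair parameter suggests the certificate is signed by the CA rather than self-signed.)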
Types ¶
type KeyPair ¶
// KeyPair groups a private key and its certificate together with the file
// names and subject fields associated with them.
//
// NOTE(review): PrivateKey and PrivateKeyPEM hold secret key material in
// exported fields. Avoid logging, printing with %+v, or serializing a KeyPair
// as a whole.
type KeyPair struct {
	// Name of the key pair. NewFilenames takes a name together with a base
	// directory, so it is presumably used to build KeyFile and CertFile;
	// confirm against the implementation.
	Name string

	// Private key: file name, parsed key and, presumably, its PEM encoding.
	KeyFile       string
	PrivateKey    *rsa.PrivateKey
	PrivateKeyPEM []byte

	// Presumably the certificate subject (common name, organization) and the
	// DNS/IP entries requested for it; confirm against the signing code.
	CN          string
	O           string
	DNSNames    []string
	IPAddresses []string

	// Certificate: file name, parsed certificate and, presumably, its PEM
	// encoding.
	CertFile       string
	Certificate    *x509.Certificate
	CertificatePEM []byte

	// IsCA presumably marks the pair as a certificate authority; ExtKeyUsage
	// lists the extended key usages passed to the constructors.
	IsCA        bool
	ExtKeyUsage []x509.ExtKeyUsage
}
KeyPair encapsulates the Private Key and Certificate key pair.
func Load ¶
Load creates and loads the key pair from the key and cert files located in the given directory
func NewCAKeyPair ¶
NewCAKeyPair creates a new CA Key Pair from the given filenames, or generates the key and certificate if the files do not exist.
func NewEmptyKeyPair ¶
func NewEmptyKeyPair(baseCertsDir, name, cn, o string, dns, ips []string, extKeyUsage []x509.ExtKeyUsage) *KeyPair
NewEmptyKeyPair creates a KeyPair with everything but the key and cert
func NewKeyPair ¶
func NewKeyPair(baseCertsDir, name, cn, o string, dns, ips []string, caKeyPair *KeyPair, extKeyUsage []x509.ExtKeyUsage) (*KeyPair, error)
NewKeyPair creates a new KeyPair with the key and cert
func (*KeyPair) GenCAKeyPair ¶
GenCAKeyPair reads the CA Key and Certificate from the given files, or generates them if the file names are empty or the files do not exist.
func (*KeyPair) GenKeyPair ¶
GenKeyPair creates the key and cert
func (*KeyPair) NewFilenames ¶
func (kp *KeyPair) NewFilenames(baseCertsDir, name string) (prevKeyFile string, prevCertFile string)
NewFilenames updates the Key Pair filenames (key and cert) using a new base directory and name. If name is empty, the current Key Pair name is used. It returns the previous filenames.
func (*KeyPair) PEMEncodeCert ¶
PEMEncodeCert returns the PEM encoding of the given certificate.
func (*KeyPair) PEMEncodePrivateKey ¶
PEMEncodePrivateKey returns the PEM encoding of the given private key.
func (*KeyPair) SaveCertificate ¶
SaveCertificate saves the certificate of this key pair to its certificate file.
func (*KeyPair) SavePrivateKey ¶
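SavePrivateKey saves the private key of this key pair to its key file. This page does not state the file mode used, so callers should confirm that the key file is written with owner-only permissions.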