ssl

Documentation

Index

• Constants
• func Generate(csrData, ca, caKey []byte, expires time.Duration, usage []string) ([]byte, []byte, error)
• func GenerateCA(csrData []byte, expires time.Duration) ([]byte, []byte, error)
• type CertificateName
  • func (n *CertificateName) Empty() bool
• type CertificateRequest
  • func ParseCertificateRequest(in []byte) (*CertificateRequest, error)
• type Key
  • func GenerateKey(algorithm KeyAlgorithm, size int) (Key, error)
• type KeyAlgorithm
  • func ParseKeyAlgorithm(in string) (KeyAlgorithm, error)
  • func (a KeyAlgorithm) DefaultSize() int
  • func (a KeyAlgorithm) String() string
  • func (a KeyAlgorithm) ValidKeySize(size int) error

Constants

const (
	// DefaultCertificateExpiration is the default certificate expiration (10 yrs)
	DefaultCertificateExpiration = 10 * 8760 * time.Hour
)

Functions

func Generate

func Generate(csrData, ca, caKey []byte, expires time.Duration, usage []string) ([]byte, []byte, error)

Generate generates a new certificate

func GenerateCA

func GenerateCA(csrData []byte, expires time.Duration) ([]byte, []byte, error)

GenerateCA generates a self signed certificate authority pem encoded certificate

Types

type CertificateName

type CertificateName struct {
	C            string `yaml:"C"`                      // Country
	ST           string `yaml:"ST"`                     // Province
	L            string `yaml:"L"`                      // Locality
	O            string `yaml:"O"`                      // OrganizationName
	OU           string `yaml:"OU,omitempty"`           // OrganizationalUnitName
	SerialNumber string `yaml:"serialNumber,omitempty"` // SerialNumber
}

CertificateName contains subject fields

func (*CertificateName) Empty

func (n *CertificateName) Empty() bool

Empty returns true if the certificate name is empty

type CertificateRequest

type CertificateRequest struct {
	Algorithm    string            `yaml:"keyAlgorithm"`           // Algorithm
	Size         int               `yaml:"keySize,omitempty"`      // Size
	CommonName   string            `yaml:"commonName"`             // CommonName
	Names        []CertificateName `yaml:"names,omitempty"`        // Names
	Hosts        []string          `yaml:"hosts,omitempty"`        // Hosts
	SerialNumber string            `yaml:"serialNumber,omitempty"` // SerialNumber
}

CertificateRequest represents a certificate request

func ParseCertificateRequest

func ParseCertificateRequest(in []byte) (*CertificateRequest, error)

ParseCertificateRequest parses a yaml encoded certificate request

type Key

type Key interface {
	Algorithm() KeyAlgorithm
	Size() int
	Encoded() []byte
	PrivateKey() crypto.PrivateKey
	PublicKeyAlgorithm() x509.PublicKeyAlgorithm
	PublicKey() crypto.PublicKey
	SignatureAlgorithm() x509.SignatureAlgorithm

	AsReader() io.Reader
}

Key represents a key

func GenerateKey

func GenerateKey(algorithm KeyAlgorithm, size int) (Key, error)

GenerateKey generates a new key

type KeyAlgorithm

type KeyAlgorithm int

KeyAlgorithm specifies the type of key algorithm to use

const (

	// ECDSAKey specifies the ecdsa algorithm
	ECDSAKey KeyAlgorithm
	// RSAKey specifies an RSA key
	RSAKey
)

func ParseKeyAlgorithm

func ParseKeyAlgorithm(in string) (KeyAlgorithm, error)

ParseKeyAlgorithm parses a key algorithm

func (KeyAlgorithm) DefaultSize

func (a KeyAlgorithm) DefaultSize() int

DefaultSize returns the default key size for the specified algorithm

func (KeyAlgorithm) String

func (a KeyAlgorithm) String() string

func (KeyAlgorithm) ValidKeySize

func (a KeyAlgorithm) ValidKeySize(size int) error

ValidKeySize checks if the supplied key size is valid for the KeyAlgorithm