certkit

package module

v0.0.0-...-44a22f9 Latest Latest Go to latest Published: May 2, 2024 License: MPL-2.0 Imports: 22 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/luisfurquim/stonelizard

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func SetCreatePolicy(policy byte) error
type CertKit
- func New(srvsubject, casubject pkix.Name, host, email string) (*CertKit, error)
- func NewFromCK(path string) (*CertKit, error)
type CertkitG

Constants ¶

View Source

const (
	PolicyCreateCertAsPending byte = iota
	PolicyCreateCertAsTrusted
)

Variables ¶

View Source

var CertDirectories = []string{
	"/etc/ssl/certs",
}

View Source

var ErrInvalidPolicy error = errors.New("Error invalid policy")

View Source

var ErrorCertsMustHaveKeys error = errors.New("Either provide both certificate and key or none of them")

View Source

var ErrorDuplicateFile error = errors.New("Error duplicate file")

View Source

var ErrorUnauthorized error = errors.New("Unauthorized access attempt")

Functions ¶

func SetCreatePolicy ¶

func SetCreatePolicy(policy byte) error

Types ¶

type CertKit ¶

type CertKit struct {
	Path                     string
	ServerCertPem, CACertPem []byte
	ServerCert, CACert       *x509.Certificate
	ServerKeyPem, CAKeyPem   []byte
	ServerKey, CAKey         *rsa.PrivateKey
	CACRL                    []byte
	CertPool                 *x509.CertPool
	UserCerts                map[string]*x509.Certificate
	ServerX509KeyPair        tls.Certificate
}

func New ¶

func New(srvsubject, casubject pkix.Name, host, email string) (*CertKit, error)

func NewFromCK ¶

func NewFromCK(path string) (*CertKit, error)

func (*CertKit) AddUserData ¶

func (ck *CertKit) AddUserData(usrKey string, ClientCert *x509.Certificate) error

func (*CertKit) Authorize ¶

func (ck *CertKit) Authorize(path string, parms map[string]interface{}, RemoteAddr string, TLS *tls.ConnectionState, SavePending func(interface{}) error) (httpstat int, data interface{}, err error)

func (*CertKit) Delete ¶

func (ck *CertKit) Delete(tree, id string) error

func (*CertKit) Drop ¶

func (ck *CertKit) Drop(id string) error

func (*CertKit) GenerateCA ¶

func (crtkit *CertKit) GenerateCA(subject pkix.Name, host, email string, listenport ...string) error

func (*CertKit) GenerateClient ¶

func (crtkit *CertKit) GenerateClient(subject pkix.Name, email, password string) ([]byte, []byte, error)

func (*CertKit) GenerateServer ¶

func (crtkit *CertKit) GenerateServer(subject pkix.Name, host, email string, NotBefore ...time.Time) error

func (*CertKit) GetCACert ¶

func (ck *CertKit) GetCACert() *x509.Certificate

func (*CertKit) GetCAKey ¶

func (ck *CertKit) GetCAKey() *rsa.PrivateKey

func (*CertKit) GetCertPool ¶

func (ck *CertKit) GetCertPool() *x509.CertPool

func (*CertKit) GetDNSNames ¶

func (ck *CertKit) GetDNSNames() []string

func (*CertKit) GetPending ¶

func (ck *CertKit) GetPending() (map[string]interface{}, error)

func (*CertKit) GetServerCert ¶

func (ck *CertKit) GetServerCert() *x509.Certificate

func (*CertKit) GetServerKey ¶

func (ck *CertKit) GetServerKey() *rsa.PrivateKey

func (*CertKit) GetServerX509KeyPair ¶

func (ck *CertKit) GetServerX509KeyPair() tls.Certificate

func (*CertKit) GetTLSConfig ¶

func (ck *CertKit) GetTLSConfig(Access uint8) (*tls.Config, error)

func (ck *CertKit) GetTLSConfig(AuthRequired bool) (*tls.Config, error) {

func (*CertKit) GetTrusted ¶

func (ck *CertKit) GetTrusted() (map[string]interface{}, error)

func (*CertKit) LoadUserData ¶

func (ck *CertKit) LoadUserData() error

func (CertKit) ReadCRL ¶

func (crtkit CertKit) ReadCRL(fname string) ([]byte, error)

Load in memory the Certificate Revogation List from the PemPath field of Service struct

func (CertKit) ReadCertFromReader ¶

func (crtkit CertKit) ReadCertFromReader(r io.Reader) (*x509.Certificate, []byte, error)

Load in memory and decodes the microservice certificate from the PemPath field of Service struct

func (CertKit) ReadCertificate ¶

func (crtkit CertKit) ReadCertificate(fname string) (*x509.Certificate, []byte, error)

Open certificate file and call the reader

func (CertKit) ReadDecryptRsaPrivKey ¶

func (crtkit CertKit) ReadDecryptRsaPrivKey(fname string) (*rsa.PrivateKey, []byte, error)

func (CertKit) ReadDecryptRsaPrivKeyFromReader ¶

func (crtkit CertKit) ReadDecryptRsaPrivKeyFromReader(r io.Reader) (*rsa.PrivateKey, []byte, error)

func (CertKit) ReadRsaPrivKey ¶

func (crtkit CertKit) ReadRsaPrivKey(fname string) (*rsa.PrivateKey, []byte, error)

func (CertKit) ReadRsaPrivKeyFromReader ¶

func (crtkit CertKit) ReadRsaPrivKeyFromReader(r io.Reader) (*rsa.PrivateKey, []byte, error)

func (*CertKit) Reject ¶

func (ck *CertKit) Reject(id string) error

func (*CertKit) SavePending ¶

func (ck *CertKit) SavePending(cert *x509.Certificate) error

func (CertKit) ServeHTTP ¶

func (svc CertKit) ServeHTTP(w http.ResponseWriter, r *http.Request)

func (*CertKit) Setup ¶

func (ck *CertKit) Setup(udata map[string]interface{}) error

func (*CertKit) StartCRLServer ¶

func (ck *CertKit) StartCRLServer(listenAddress string, listener *stonelizard.StoppableListener) error

func (*CertKit) Trust ¶

func (ck *CertKit) Trust(id string) error

type CertkitG ¶

type CertkitG struct {
	Generator goose.Alert `json:"Generator"`
	Loader    goose.Alert `json:"Loader"`
	Serve     goose.Alert `json:"Serve"`
	Auth      goose.Alert `json:"Auth"`
}

var Goose CertkitG

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL