cert

package

v1.5.1 Latest Latest Go to latest Published: Feb 8, 2017 License: Apache-2.0, Apache-2.0 Imports: 18 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/octplane/client-go

Documentation ¶

Index ¶

func CanReadCertOrKey(certPath, keyPath string) bool
func EncodeCertPEM(cert *x509.Certificate) []byte
func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte
func EncodePublicKeyPEM(key *rsa.PublicKey) ([]byte, error)
func GenerateSelfSignedCert(host, certPath, keyPath string, alternateIPs []net.IP, alternateDNS []string) error
func MakeCSR(privateKey interface{}, subject *pkix.Name, dnsSANs []string, ipSANs []net.IP) (csr []byte, err error)
func MakeEllipticPrivateKeyPEM() ([]byte, error)
func NewPool(filename string) (*x509.CertPool, error)
func NewPrivateKey() (*rsa.PrivateKey, error)
func NewSelfSignedCACert(cfg Config, key *rsa.PrivateKey) (*x509.Certificate, error)
func NewSignedCert(cfg Config, key *rsa.PrivateKey, caCert *x509.Certificate, ...) (*x509.Certificate, error)
func ParseCSR(obj *certificates.CertificateSigningRequest) (*x509.CertificateRequest, error)
func ParseCertsPEM(pemCerts []byte) ([]*x509.Certificate, error)
func ParsePrivateKeyPEM(keyData []byte) (interface{}, error)
func WriteCert(certPath string, data []byte) error
func WriteKey(keyPath string, data []byte) error
type AltNames
type Config

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CanReadCertOrKey ¶

func CanReadCertOrKey(certPath, keyPath string) bool

CanReadCertOrKey returns true if the certificate or key files already exists, otherwise returns false.

func EncodeCertPEM ¶

func EncodeCertPEM(cert *x509.Certificate) []byte

EncodeCertPEM returns PEM-endcoded certificate data

func EncodePrivateKeyPEM ¶

func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte

EncodePrivateKeyPEM returns PEM-encoded private key data

func EncodePublicKeyPEM ¶

func EncodePublicKeyPEM(key *rsa.PublicKey) ([]byte, error)

EncodePublicKeyPEM returns PEM-endcode public data

func GenerateSelfSignedCert ¶

func GenerateSelfSignedCert(host, certPath, keyPath string, alternateIPs []net.IP, alternateDNS []string) error

GenerateSelfSignedCert creates a self-signed certificate and key for the given host. Host may be an IP or a DNS name You may also specify additional subject alt names (either ip or dns names) for the certificate The certificate will be created with file mode 0644. The key will be created with file mode 0600. If the certificate or key files already exist, they will be overwritten. Any parent directories of the certPath or keyPath will be created as needed with file mode 0755.

func MakeCSR ¶

func MakeCSR(privateKey interface{}, subject *pkix.Name, dnsSANs []string, ipSANs []net.IP) (csr []byte, err error)

MakeCSR generates a PEM-encoded CSR using the supplied private key, subject, and SANs. All key types that are implemented via crypto.Signer are supported (This includes *rsa.PrivateKey and *ecdsa.PrivateKey.)

func MakeEllipticPrivateKeyPEM ¶

func MakeEllipticPrivateKeyPEM() ([]byte, error)

MakeEllipticPrivateKeyPEM creates an ECDSA private key

func NewPool ¶

func NewPool(filename string) (*x509.CertPool, error)

NewPool returns an x509.CertPool containing the certificates in the given PEM-encoded file. Returns an error if the file could not be read, a certificate could not be parsed, or if the file does not contain any certificates

func NewPrivateKey ¶

func NewPrivateKey() (*rsa.PrivateKey, error)

NewPrivateKey creates an RSA private key

func NewSelfSignedCACert ¶

func NewSelfSignedCACert(cfg Config, key *rsa.PrivateKey) (*x509.Certificate, error)

NewSelfSignedCACert creates a CA certificate

func NewSignedCert ¶

func NewSignedCert(cfg Config, key *rsa.PrivateKey, caCert *x509.Certificate, caKey *rsa.PrivateKey) (*x509.Certificate, error)

NewSignedCert creates a signed certificate using the given CA certificate and key

func ParseCSR ¶

func ParseCSR(obj *certificates.CertificateSigningRequest) (*x509.CertificateRequest, error)

ParseCSR extracts the CSR from the API object and decodes it.

func ParseCertsPEM ¶

func ParseCertsPEM(pemCerts []byte) ([]*x509.Certificate, error)

ParseCertsPEM returns the x509.Certificates contained in the given PEM-encoded byte array Returns an error if a certificate could not be parsed, or if the data does not contain any certificates

func ParsePrivateKeyPEM ¶

func ParsePrivateKeyPEM(keyData []byte) (interface{}, error)

ParsePrivateKeyPEM returns a private key parsed from a PEM block in the supplied data. Recognizes PEM blocks for "EC PRIVATE KEY" and "RSA PRIVATE KEY"

func WriteCert ¶

func WriteCert(certPath string, data []byte) error

WriteCert writes the pem-encoded certificate data to certPath. The certificate file will be created with file mode 0644. If the certificate file already exists, it will be overwritten. The parent directory of the certPath will be created as needed with file mode 0755.

func WriteKey ¶

func WriteKey(keyPath string, data []byte) error

WriteKey writes the pem-encoded key data to keyPath. The key file will be created with file mode 0600. If the key file already exists, it will be overwritten. The parent directory of the keyPath will be created as needed with file mode 0755.

Types ¶

type AltNames ¶

type AltNames struct {
	DNSNames []string
	IPs      []net.IP
}

AltNames contains the domain names and IP addresses that will be added to the API Server's x509 certificate SubAltNames field. The values will be passed directly to the x509.Certificate object.

type Config ¶

type Config struct {
	CommonName   string
	Organization []string
	AltNames     AltNames
}

Config containes the basic fields required for creating a certificate

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL