Documentation ¶
Overview ¶
Package tresor implements the certificate.Manager interface for Tresor, a custom certificate provider in OSM.
Index ¶
- func NewCA(cn certificate.CommonName, validityPeriod time.Duration, ...) (certificate.Certificater, error)
- func NewCertificateFromPEM(pemCert pem.Certificate, pemKey pem.PrivateKey, expiration time.Time) (certificate.Certificater, error)
- type CertManager
- func (cm *CertManager) GetCertificate(cn certificate.CommonName) (certificate.Certificater, error)
- func (cm *CertManager) GetRootCertificate() (certificate.Certificater, error)
- func (cm *CertManager) IssueCertificate(cn certificate.CommonName, validityPeriod time.Duration) (certificate.Certificater, error)
- func (cm *CertManager) ListCertificates() ([]certificate.Certificater, error)
- func (cm *CertManager) ListIssuedCertificates() []certificate.Certificater
- func (cm *CertManager) ReleaseCertificate(cn certificate.CommonName)
- func (cm *CertManager) RotateCertificate(cn certificate.CommonName) (certificate.Certificater, error)
- type Certificate
- func (c Certificate) GetCertificateChain() []byte
- func (c Certificate) GetCommonName() certificate.CommonName
- func (c Certificate) GetExpiration() time.Time
- func (c Certificate) GetIssuingCA() []byte
- func (c Certificate) GetPrivateKey() []byte
- func (c Certificate) GetSerialNumber() certificate.SerialNumber
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewCA ¶
func NewCA(cn certificate.CommonName, validityPeriod time.Duration, rootCertCountry, rootCertLocality, rootCertOrganization string) (certificate.Certificater, error)
NewCA creates a new Certificate Authority.
func NewCertificateFromPEM ¶
func NewCertificateFromPEM(pemCert pem.Certificate, pemKey pem.PrivateKey, expiration time.Time) (certificate.Certificater, error)
NewCertificateFromPEM is a helper returning a certificate.Certificater from the PEM components given.
Types ¶
type CertManager ¶
type CertManager struct {
// contains filtered or unexported fields
}
CertManager implements certificate.Manager
func NewCertManager ¶
func NewCertManager( ca certificate.Certificater, certificatesOrganization string, cfg configurator.Configurator, serviceCertValidityDuration time.Duration, keySize int, msgBroker *messaging.Broker) (*CertManager, error)
NewCertManager creates a new CertManager with the passed CA and CA Private Key
func NewFakeCertManager ¶
func NewFakeCertManager(cfg configurator.Configurator) *CertManager
NewFakeCertManager creates a fake CertManager used for testing.
func NewFakeCertManagerForRotation ¶ added in v0.11.1
func NewFakeCertManagerForRotation(cfg configurator.Configurator, msgBroker *messaging.Broker) *CertManager
NewFakeCertManagerForRotation creates a fake CertManager used for testing certificate rotation
func (*CertManager) GetCertificate ¶
func (cm *CertManager) GetCertificate(cn certificate.CommonName) (certificate.Certificater, error)
GetCertificate returns a certificate given its Common Name (CN)
func (*CertManager) GetRootCertificate ¶
func (cm *CertManager) GetRootCertificate() (certificate.Certificater, error)
GetRootCertificate returns the root certificate.
func (*CertManager) IssueCertificate ¶
func (cm *CertManager) IssueCertificate(cn certificate.CommonName, validityPeriod time.Duration) (certificate.Certificater, error)
IssueCertificate implements certificate.Manager and returns a newly issued certificate.
func (*CertManager) ListCertificates ¶ added in v0.1.0
func (cm *CertManager) ListCertificates() ([]certificate.Certificater, error)
ListCertificates lists all certificates issued
func (*CertManager) ListIssuedCertificates ¶
func (cm *CertManager) ListIssuedCertificates() []certificate.Certificater
ListIssuedCertificates implements CertificateDebugger interface and returns the list of issued certificates.
func (*CertManager) ReleaseCertificate ¶ added in v0.6.0
func (cm *CertManager) ReleaseCertificate(cn certificate.CommonName)
ReleaseCertificate is called when a cert will no longer be needed and should be removed from the system.
func (*CertManager) RotateCertificate ¶
func (cm *CertManager) RotateCertificate(cn certificate.CommonName) (certificate.Certificater, error)
RotateCertificate implements certificate.Manager and rotates an existing certificate.
type Certificate ¶
type Certificate struct {
// contains filtered or unexported fields
}
Certificate implements certificate.Certificater
func NewFakeCertificate ¶ added in v0.4.1
func NewFakeCertificate() *Certificate
NewFakeCertificate is a helper creating Certificates for unit tests.
func (Certificate) GetCertificateChain ¶
func (c Certificate) GetCertificateChain() []byte
GetCertificateChain implements certificate.Certificater and returns the certificate chain.
func (Certificate) GetCommonName ¶
func (c Certificate) GetCommonName() certificate.CommonName
GetCommonName implements certificate.Certificater and returns the CN of the cert.
func (Certificate) GetExpiration ¶
func (c Certificate) GetExpiration() time.Time
GetExpiration implements certificate.Certificater and returns the time the given certificate expires.
func (Certificate) GetIssuingCA ¶
func (c Certificate) GetIssuingCA() []byte
GetIssuingCA implements certificate.Certificater and returns the root certificate for the given cert.
func (Certificate) GetPrivateKey ¶
func (c Certificate) GetPrivateKey() []byte
GetPrivateKey implements certificate.Certificater and returns the private key of the cert.
func (Certificate) GetSerialNumber ¶ added in v0.6.0
func (c Certificate) GetSerialNumber() certificate.SerialNumber
GetSerialNumber returns the serial number of the given certificate.