certchains

package
v0.0.0-...-fe50e3d Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 25, 2024 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func IsSignerNotFoundError 

func IsSignerNotFoundError(err error) bool

func WhenToRotateAtEarliest 

func WhenToRotateAtEarliest(cs *CertificateChains) ([]string, time.Time, error)

Types

type CSRInfo 

type CSRInfo interface{ GetMeta() CSRMeta }

type CSRMeta 

type CSRMeta struct {
	Name         string
	ValidityDays int
}

type CertWalkFunc 

type CertWalkFunc func(certPath []string, c x509.Certificate) error

type CertificateChains 

type CertificateChains struct {
	// contains filtered or unexported fields
}

func (*CertificateChains) GetCertKey 

func (cs *CertificateChains) GetCertKey(certPath ...string) ([]byte, []byte, error)

func (*CertificateChains) GetSigner 

func (cs *CertificateChains) GetSigner(signerPath ...string) *CertificateSigner

func (*CertificateChains) GetSignerNames 

func (cs *CertificateChains) GetSignerNames() []string

func (*CertificateChains) Regenerate 

func (cs *CertificateChains) Regenerate(certPath ...string) error

func (*CertificateChains) WalkChains 

func (cs *CertificateChains) WalkChains(rootPath []string, fn CertWalkFunc) error

WalkChains traverses through the trust chain starting at `rootPath` and applies `fn` on all the certificates in the chain tree

type CertificateChainsBuilder 

type CertificateChainsBuilder interface {
	WithSigners(signers ...CertificateSignerBuilder) CertificateChainsBuilder
	WithCABundle(bundlePath string, signerNames ...[]string) CertificateChainsBuilder
	Complete() (*CertificateChains, error)
}

func NewCertificateChains 

func NewCertificateChains(signers ...CertificateSignerBuilder) CertificateChainsBuilder

type CertificateSigner 

type CertificateSigner struct {
	// contains filtered or unexported fields
}

func (*CertificateSigner) AddToBundles 

func (s *CertificateSigner) AddToBundles(bundlePaths ...string) error

func (*CertificateSigner) GetCertKey 

func (s *CertificateSigner) GetCertKey(subjectName string) ([]byte, []byte, error)

func (*CertificateSigner) GetCertNames 

func (s *CertificateSigner) GetCertNames() []string

func (*CertificateSigner) GetSignerCertPEM 

func (s *CertificateSigner) GetSignerCertPEM() ([]byte, error)

func (*CertificateSigner) GetSubCA 

func (s *CertificateSigner) GetSubCA(signerName string) *CertificateSigner

func (*CertificateSigner) GetSubCANames 

func (s *CertificateSigner) GetSubCANames() []string

func (*CertificateSigner) Regenerate 

func (s *CertificateSigner) Regenerate(certPath ...string) error

func (*CertificateSigner) SignCertificate 

func (s *CertificateSigner) SignCertificate(csrInfo CSRInfo) error

func (*CertificateSigner) SignClientCertificate 

func (s *CertificateSigner) SignClientCertificate(signInfo *ClientCertificateSigningRequestInfo) error

func (*CertificateSigner) SignPeerCertificate 

func (s *CertificateSigner) SignPeerCertificate(signInfo *PeerCertificateSigningRequestInfo) error

func (*CertificateSigner) SignServingCertificate 

func (s *CertificateSigner) SignServingCertificate(signInfo *ServingCertificateSigningRequestInfo) error

func (*CertificateSigner) SignSubCA 

func (s *CertificateSigner) SignSubCA(subSignerInfo CertificateSignerBuilder) error

type CertificateSignerBuilder 

type CertificateSignerBuilder interface {
	SignerInfo

	WithSignerConfig(config *crypto.CA) CertificateSignerBuilder
	WithSubCAs(subCAsInfo ...CertificateSignerBuilder) CertificateSignerBuilder
	WithClientCertificates(signInfos ...*ClientCertificateSigningRequestInfo) CertificateSignerBuilder
	WithServingCertificates(signInfos ...*ServingCertificateSigningRequestInfo) CertificateSignerBuilder
	WithPeerCertificiates(signInfos ...*PeerCertificateSigningRequestInfo) CertificateSignerBuilder
	WithCABundlePaths(bundlePath ...string) CertificateSignerBuilder
	Complete() (*CertificateSigner, error)
}

func NewCertificateSigner 

func NewCertificateSigner(signerName, signerDir string, validityDays int) CertificateSignerBuilder

NewCertificateSigner returns a builder object for a certificate chain for the given signer

type ClientCertificateSigningRequestInfo 

type ClientCertificateSigningRequestInfo struct {
	CSRMeta

	UserInfo user.Info
}

func (*ClientCertificateSigningRequestInfo) GetMeta 

func (i *ClientCertificateSigningRequestInfo) GetMeta() CSRMeta

type PeerCertificateSigningRequestInfo 

type PeerCertificateSigningRequestInfo struct {
	CSRMeta

	UserInfo  user.Info
	Hostnames []string
}

func (*PeerCertificateSigningRequestInfo) GetMeta 

func (i *PeerCertificateSigningRequestInfo) GetMeta() CSRMeta

type ServingCertificateSigningRequestInfo 

type ServingCertificateSigningRequestInfo struct {
	CSRMeta

	Hostnames []string
}

func (*ServingCertificateSigningRequestInfo) GetMeta 

func (i *ServingCertificateSigningRequestInfo) GetMeta() CSRMeta

type SignerInfo 

type SignerInfo interface {
	Name() string
	Directory() string
	ValidityDays() int
}

type SignerNotFound 

type SignerNotFound struct {
	// contains filtered or unexported fields
}

func NewSignerNotFound 

func NewSignerNotFound(signerName string) *SignerNotFound

func (*SignerNotFound) Error 

func (e *SignerNotFound) Error() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.