cert

Documentation

Index

• func Blocks2Certs(blocks []*pem.Block) ([]*x509.Certificate, error)
• func ParseCsr(csrPem []byte) (*x509.CertificateRequest, error)
• func PemChain2Blocks(pemBuff string) ([]*pem.Block, error)
• type CertPem
• type ClientSigner
  • func NewClientSigner(caCert *x509.Certificate, caKey interface{}) *ClientSigner
  • func (s *ClientSigner) Sign(csrPem []byte, opts *SigningOpts) ([]byte, error)
  • func (s *ClientSigner) SigningCertPEM() string
  • func (s *ClientSigner) ToPem(raw []byte) ([]byte, error)
• type DefaultSerialGenerator
  • func (DefaultSerialGenerator) Generate() *big.Int
• type FingerprintGenerator
  • func NewFingerprintGenerator() FingerprintGenerator
• type Fingerprints
  • func (fingerprints Fingerprints) Contains(fp string) bool
  • func (fingerprints Fingerprints) HasAny(fps []string) (string, bool)
  • func (fingerprints Fingerprints) Prints() []string
• type SerialGenerator
• type ServerSigner
  • func NewServerSigner(caCert *x509.Certificate, caKey interface{}) *ServerSigner
  • func (s *ServerSigner) Sign(csrPem []byte, opts *SigningOpts) ([]byte, error)
  • func (s *ServerSigner) SigningCertPEM() string
  • func (s *ServerSigner) ToPem(raw []byte) ([]byte, error)
• type SignFunc
• type Signer
• type SigningOpts
  • func (so *SigningOpts) Apply(c *x509.Certificate)

Functions

func Blocks2Certs

func Blocks2Certs(blocks []*pem.Block) ([]*x509.Certificate, error)

func ParseCsr

func ParseCsr(csrPem []byte) (*x509.CertificateRequest, error)

func PemChain2Blocks

func PemChain2Blocks(pemBuff string) ([]*pem.Block, error)

Types

type CertPem

type CertPem struct {
	Cert *x509.Certificate
	Pem  []byte
}

type ClientSigner

type ClientSigner struct {
	SerialGenerator SerialGenerator
	// contains filtered or unexported fields
}

func NewClientSigner

func NewClientSigner(caCert *x509.Certificate, caKey interface{}) *ClientSigner

func (*ClientSigner) Sign

func (s *ClientSigner) Sign(csrPem []byte, opts *SigningOpts) ([]byte, error)

func (*ClientSigner) SigningCertPEM

func (s *ClientSigner) SigningCertPEM() string

func (*ClientSigner) ToPem

func (s *ClientSigner) ToPem(raw []byte) ([]byte, error)

type DefaultSerialGenerator

type DefaultSerialGenerator struct{}

func (DefaultSerialGenerator) Generate

func (DefaultSerialGenerator) Generate() *big.Int

type FingerprintGenerator

type FingerprintGenerator interface {
	FromCert(cert *x509.Certificate) string
	FromCerts(certs []*x509.Certificate) Fingerprints
	FromRaw(raw []byte) string
	FromPem(pem []byte) string
}

func NewFingerprintGenerator

func NewFingerprintGenerator() FingerprintGenerator

type Fingerprints

type Fingerprints map[string]*x509.Certificate

func (Fingerprints) Contains

func (fingerprints Fingerprints) Contains(fp string) bool

func (Fingerprints) HasAny

func (fingerprints Fingerprints) HasAny(fps []string) (string, bool)

func (Fingerprints) Prints

func (fingerprints Fingerprints) Prints() []string

type SerialGenerator

type SerialGenerator interface {
	Generate() *big.Int
}

type ServerSigner

type ServerSigner struct {
	SerialGenerator SerialGenerator
	// contains filtered or unexported fields
}

func NewServerSigner

func NewServerSigner(caCert *x509.Certificate, caKey interface{}) *ServerSigner

func (*ServerSigner) Sign

func (s *ServerSigner) Sign(csrPem []byte, opts *SigningOpts) ([]byte, error)

func (*ServerSigner) SigningCertPEM

func (s *ServerSigner) SigningCertPEM() string

func (*ServerSigner) ToPem

func (s *ServerSigner) ToPem(raw []byte) ([]byte, error)

type SignFunc

type SignFunc func([]byte, *SigningOpts) ([]byte, error)

type Signer

type Signer interface {
	Sign([]byte, *SigningOpts) ([]byte, error)
	ToPem([]byte) ([]byte, error)
	SigningCertPEM() string
}

type SigningOpts

type SigningOpts struct {
	// Subject Alternate Name values.
	DNSNames       []string
	EmailAddresses []string
	IPAddresses    []net.IP
	URIs           []*url.URL

	NotBefore *time.Time
	NotAfter  *time.Time
}

func (*SigningOpts) Apply

func (so *SigningOpts) Apply(c *x509.Certificate)