pki

package
v0.30.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 31, 2023 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Overview

Package pki provides helpers to manage a Public Key Infrastructure.

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrCannotSelfSignNonCA = errors.New("cannot self sign non CA request")
	ErrMaxPathLenReached   = errors.New("max path len reached")
)

Signing errors.

Functions

This section is empty.

Types

type CSRRequest 

type CSRRequest struct {
	Name                string
	IsClientCertificate bool
	PrivateKey          rsa.PrivateKey
	Template            *x509.CertificateRequest
}

type EcPrivateKeyOptions added in v0.30.0 

type EcPrivateKeyOptions struct {
	Curve elliptic.Curve
}

func (*EcPrivateKeyOptions) GenerateKey added in v0.30.0 

func (e *EcPrivateKeyOptions) GenerateKey() (crypto.PrivateKey, error)

type PrivateKeyOptions added in v0.30.0 

type PrivateKeyOptions interface {
	GenerateKey() (crypto.PrivateKey, error)
}

type Request 

type Request struct {
	Name                string
	KeyName             string
	IsClientCertificate bool
	PrivateKeyOptions   PrivateKeyOptions
	Template            *x509.Certificate
	AllowOverwrite      bool
}

Request is a struct for providing configuration to GenerateCertificate when actioning a certification generation request.

type RsaPrivateKeyOptions added in v0.30.0 

type RsaPrivateKeyOptions struct {
	Size int
}

func (*RsaPrivateKeyOptions) GenerateKey added in v0.30.0 

func (r *RsaPrivateKeyOptions) GenerateKey() (crypto.PrivateKey, error)

type ZitiPKI 

type ZitiPKI struct {
	Store store.Store
}

ZitiPKI wraps helpers to handle a Public Key Infrastructure.

func (*ZitiPKI) CRL 

func (e *ZitiPKI) CRL(caName string, expire time.Time) ([]byte, error)

CRL builds a CRL for a given CA based on the revoked certs.

func (*ZitiPKI) CSR 

func (e *ZitiPKI) CSR(caname string, bundleName string, csrTemplate x509.CertificateRequest, privateKey crypto.PrivateKey) error

CSR generates a csr certificate

func (*ZitiPKI) Chain 

func (e *ZitiPKI) Chain(signer *certificate.Bundle, req *Request) error

Chain will...

func (*ZitiPKI) GeneratePrivateKey 

func (e *ZitiPKI) GeneratePrivateKey(signer *certificate.Bundle, req *Request) error

GeneratePrivateKey generates and stores a private key

func (*ZitiPKI) GetBundle 

func (e *ZitiPKI) GetBundle(caName, name string) (*certificate.Bundle, error)

GetBundle fetches and returns a certificate bundle from the store.

func (*ZitiPKI) GetCA 

func (e *ZitiPKI) GetCA(name string) (*certificate.Bundle, error)

GetCA fetches and returns the named Certificate Authority bundle from the store.

func (*ZitiPKI) GetPrivateKey 

func (e *ZitiPKI) GetPrivateKey(caname string, keyname string) (crypto.PrivateKey, error)

GetPrivateKey fetches and returns a private key from the store.

func (*ZitiPKI) Revoke 

func (e *ZitiPKI) Revoke(caName string, cert *x509.Certificate) error

Revoke revokes the given certificate from the store.

func (*ZitiPKI) Sign 

func (e *ZitiPKI) Sign(signer *certificate.Bundle, req *Request) error

Sign signs a generated certificate bundle based on the given request with the given signer.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.