Documentation ¶
Overview ¶
Package store provides different methods to store a Public Key Infrastructure.
Index ¶
- Constants
- func InitCADir(path string) error
- type Local
- func (l *Local) Add(caName, name string, isCa bool, key, cert []byte, allowOverwrite bool) error
- func (l *Local) AddCSR(caName, name string, isCa bool, key, cert []byte) error
- func (l *Local) AddKey(caName string, name string, key []byte) error
- func (l *Local) Chain(caName, destCaName, name string) error
- func (l *Local) Exists(caName, name string) bool
- func (l *Local) Fetch(caName, name string) ([]byte, []byte, error)
- func (l *Local) FetchKeyBytes(caName, name string) ([]byte, error)
- func (l *Local) Revoked(caName string) ([]pkix.RevokedCertificate, error)
- func (l *Local) Update(caName string, sn *big.Int, st certificate.State) error
- type Store
Constants ¶
View Source
const ( LocalCertsDir = "certs" LocalKeysDir = "keys" LocalCrlsDir = "crls" )
Predifined directory names.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Local ¶
type Local struct {
Root string
}
Local lets us store a Certificate Authority on the local filesystem.
The structure used makes it compatible with openssl.
func (*Local) Chain ¶
Chain concats an intermediate cert and a newly signed certificate bundle and adds the chained cert to the store.
func (*Local) Exists ¶
Exists checks if a certificate or private key already exist on the local filesystem for a given name.
func (*Local) Fetch ¶
Fetch fetches the private key and certificate for a given name signed by caName.
func (*Local) FetchKeyBytes ¶
FetchKeyBytes fetchs the private key and certificate for a given name signed by caName.
type Store ¶
type Store interface { // Add adds a newly signed certificate bundle to the store. // // Args: // The CA name, if the certificate was signed with an intermediate CA. // The certificate bundle name. // Is the bundle to add an intermediate CA. // The raw private key. // The raw certificate. // Flag indicating if existing certs can be overwritten // // Returns an error if it failed to store the bundle. Add(string, string, bool, []byte, []byte, bool) error // Chain concats a signing cert and a newly signed certificate bundle and adds the chained cert to the store. // // Args: // The signing CA name. // The destination CA name. // The certificate bundle name. // // Returns an error if it failed to store the bundle. Chain(string, string, string) error // AddCSR adds a CSR to the store. // // Args: // The CA name, if the certificate was signed with an intermediate CA. // The CSR bundle name. // Is the bundle to add an intermediate CA. // The raw private key. // The raw certificate. // // Returns an error if it failed to store the bundle. AddCSR(string, string, bool, []byte, []byte) error // AddKey adds a new private key to the store. // // Args: // The intermediate CA name // The Key name // The private key // // Returns an error if it failed to store the bundle. AddKey(string, string, []byte) error // Fetch fetches a certificate bundle from the store. // // Args: // The CA name, if the certificate was signed with an intermediate CA. // The name of the certificate bundle. // // Returns the raw private key and certificate respectively or an error. Fetch(string, string) ([]byte, []byte, error) // FetchKeyBytes fetches the private key of a certificate bundle from the store. // // Args: // The CA name, if the certificate was signed with an intermediate CA. // The name of the certificate bundle. // // Returns the raw private key or an error. FetchKeyBytes(string, string) ([]byte, error) // Update updates the state of a certificate. (Valid, Revoked, Expired) // // Args: // The CA name, if the certificate was signed with an intermediate CA. // The serial of the certificate to update. // The new state. // // Returns an error if the update failed. Update(string, *big.Int, certificate.State) error // Revoked returns a list of revoked certificates for a given CA. // // Args: // The CA name, if it is for an intermediate CA. // // Returns a list of revoked certificate or an error. Revoked(string) ([]pkix.RevokedCertificate, error) }
Store represents a way to store a Certificate Authority.
Click to show internal directories.
Click to hide internal directories.