Documentation ¶
Index ¶
- Constants
- func GenerateCSR(cfg Configuration, privateKey *ecdsa.PrivateKey) ([]byte, error)
- func GenerateCert(cfg Configuration, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, ...) ([]byte, error)
- func GenerateIdentityCSR(cfg Configuration, deviceID string, privateKey *ecdsa.PrivateKey) ([]byte, error)
- func GenerateIdentityCert(cfg Configuration, deviceID string, privateKey *ecdsa.PrivateKey, ...) ([]byte, error)
- func GenerateIntermediateCA(cfg Configuration, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, ...) ([]byte, error)
- func GenerateRootCA(cfg Configuration, privateKey *ecdsa.PrivateKey) ([]byte, error)
- func NewIdentityCSRTemplate(deviceID string) (*x509.CertificateRequest, error)
- func OidFromExtKeyUsage(eku x509.ExtKeyUsage) (oid asn1.ObjectIdentifier, ok bool)
- type Configuration
- func (cfg Configuration) AsnExtensionKeyUsages() ([]asn1.ObjectIdentifier, error)
- func (cfg Configuration) AsnKeyUsages() (asn1.BitString, error)
- func (cfg Configuration) GenerateKey() (*ecdsa.PrivateKey, error)
- func (cfg Configuration) ToEllipticCurve() (elliptic.Curve, error)
- func (cfg Configuration) ToIPAddresses() ([]net.IP, error)
- func (cfg Configuration) ToPkixName() pkix.Name
- func (cfg Configuration) ToSignatureAlgorithm() (x509.SignatureAlgorithm, error)
- func (cfg Configuration) ToValidFrom() (time.Time, error)
- func (cfg Configuration) X509ExtKeyUsages() ([]x509.ExtKeyUsage, []asn1.ObjectIdentifier, error)
- func (cfg Configuration) X509KeyUsages() (x509.KeyUsage, error)
- type EllipticCurve
- type SignatureAlgorithm
Constants ¶
// Curve names of type EllipticCurve, the type of Configuration.EllipticCurve.
const (
	EllipticCurveP256 EllipticCurve = "P256"
	EllipticCurveP384 EllipticCurve = "P384"
	EllipticCurveP521 EllipticCurve = "P521"
)

// Signature algorithm names of type SignatureAlgorithm, the type of
// Configuration.SignatureAlgorithm. All three are ECDSA variants that differ
// only in the SHA-2 digest named in the string.
//
// NOTE(review): whether the package checks that the chosen digest matches the
// chosen curve size is not visible from these declarations; confirm in
// ToSignatureAlgorithm and ToEllipticCurve.
const (
	SignatureAlgorithmECDSAWithSHA256 SignatureAlgorithm = "ECDSA-SHA256"
	SignatureAlgorithmECDSAWithSHA384 SignatureAlgorithm = "ECDSA-SHA384"
	SignatureAlgorithmECDSAWithSHA512 SignatureAlgorithm = "ECDSA-SHA512"
)
Variables ¶
This section is empty.
Functions ¶
func GenerateCSR ¶
func GenerateCSR(cfg Configuration, privateKey *ecdsa.PrivateKey) ([]byte, error)
GenerateCSR creates a CSR (certificate signing request) according to the configuration.
func GenerateCert ¶
func GenerateCert(cfg Configuration, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, signerCAKey *ecdsa.PrivateKey) ([]byte, error)
func GenerateIdentityCSR ¶
func GenerateIdentityCSR(cfg Configuration, deviceID string, privateKey *ecdsa.PrivateKey) ([]byte, error)
GenerateIdentityCSR creates an identity CSR according to the configuration.
func GenerateIdentityCert ¶
func GenerateIdentityCert(cfg Configuration, deviceID string, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, signerCAKey *ecdsa.PrivateKey) ([]byte, error)
func GenerateIntermediateCA ¶
func GenerateIntermediateCA(cfg Configuration, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, signerCAKey *ecdsa.PrivateKey) ([]byte, error)
func GenerateRootCA ¶
func GenerateRootCA(cfg Configuration, privateKey *ecdsa.PrivateKey) ([]byte, error)
func NewIdentityCSRTemplate ¶
func NewIdentityCSRTemplate(deviceID string) (*x509.CertificateRequest, error)
func OidFromExtKeyUsage ¶
func OidFromExtKeyUsage(eku x509.ExtKeyUsage) (oid asn1.ObjectIdentifier, ok bool)
Types ¶
type Configuration ¶
// Configuration describes the certificate or CSR to produce. It is the first
// argument of the Generate* functions in this package and the receiver of the
// To*/X509*/Asn* conversion helpers.
//
// The yaml tags give the configuration-file keys. The long, default,
// description, group and namespace tags look like command-line option
// metadata (presumably for a flags parser; confirm against the caller).
//
// Several tags are elided in this listing ("string literal not displayed"),
// so the defaults of those fields cannot be read from here.
type Configuration struct {
	// Subject holds the distinguished-name attributes; ToPkixName returns a
	// pkix.Name, presumably built from these fields.
	Subject struct {
		Country      []string `yaml:"country" long:"c" description:"to set more values repeat option with parameter"`
		Organization []string `yaml:"organization" long:"o" description:"to set more values repeat option with parameter"`
		// Note the YAML key is "organizationUnit", not "organizationalUnit".
		OrganizationalUnit []string `yaml:"organizationUnit" long:"ou" description:"to set more values repeat option with parameter"`
		Locality           []string `yaml:"locality" long:"l" description:"to set more values repeat option with parameter"`
		// CommonName is a single value, unlike the repeatable attributes above.
		CommonName    string   `yaml:"commonName" long:"cn"`
		Province      []string `yaml:"province" long:"p" description:"to set more values repeat option with parameter"`
		StreetAddress []string `yaml:"streetAddress" long:"sa" description:"to set more values repeat option with parameter"`
		PostalCode    []string `yaml:"postalCode" long:"pc" description:"to set more values repeat option with parameter"`
		// SerialNumber is the subject's serialNumber attribute.
		// NOTE(review): presumably not the certificate serial number; confirm.
		SerialNumber string `yaml:"serialNumber" long:"sn"`
	} `yaml:"subject" group:"Subject" namespace:"subject"`

	// SubjectAlternativeName lists the DNS names and IP addresses for the SAN
	// extension.
	SubjectAlternativeName struct {
		DNSNames []string `yaml:"dnsNames" long:"domain" description:"to set more values repeat option with parameter"`
		// IPAddresses are kept as strings here; ToIPAddresses returns
		// ([]net.IP, error), so presumably unparsable entries surface as an
		// error there rather than at load time.
		IPAddresses []string `yaml:"ipAddresses" long:"ip" description:"to set more values repeat option with parameter"`
	} `yaml:"subjectAlternativeName" group:"Subject Alternative Name" namespace:"san"`

	// BasicConstraints controls the basic-constraints extension.
	BasicConstraints struct {
		// Ignore, when true, means basic constraints are not set (per the tag
		// description).
		// NOTE(review): path validators normally require this extension to
		// accept a certificate as a CA; confirm which Generate* functions
		// honour Ignore before using it for CA certificates.
		Ignore bool `yaml:"ignore" long:"ignore" description:"bool, don't set basic constraints"`
		// MaxPathLen defaults to -1, which the tag description documents as
		// unlimited.
		// NOTE(review): for a CA certificate an unlimited path length puts no
		// bound on how many subordinate CA levels may follow; set an explicit
		// value where the hierarchy depth is known.
		MaxPathLen int `yaml:"maxPathLen" long:"maxPathLen" default:"-1" description:"int, -1 means unlimited"`
	} `yaml:"basicConstraints" group:"Basic Constraints" namespace:"basicConstraints"`

	// ValidFrom is an RFC3339 timestamp; the tag default is "now".
	// ToValidFrom returns (time.Time, error).
	ValidFrom string `yaml:"validFrom" long:"validFrom" default:"now" description:"valid from time, format in RFC3339 (eg:2014-11-12T11:45:00Z)"`
	// ValidFor is the validity duration; the tag default of 8760h is 365 days.
	ValidFor time.Duration `yaml:"validFor" long:"validFor" default:"8760h" description:"duration, format in NUMh"`
	// NotBefore and NotAfter: tags are elided in this listing, so their format
	// and how they interact with ValidFrom/ValidFor cannot be read from here.
	// TODO confirm which pair takes precedence when both are set.
	NotBefore string `` /* 128-byte string literal not displayed */
	NotAfter  string `` /* 131-byte string literal not displayed */
	// KeyUsages: tag elided, defaults not visible here. X509KeyUsages and
	// AsnKeyUsages return typed forms of the key usages and can return an error.
	//nolint:staticcheck
	KeyUsages []string `` /* 138-byte string literal not displayed */
	// ExtensionKeyUsages: tag elided, defaults not visible here.
	// NOTE(review): check the effective key usages and extended key usages of
	// issued certificates, since the defaults cannot be confirmed from this
	// listing.
	//nolint:staticcheck
	ExtensionKeyUsages []string `` /* 132-byte string literal not displayed */
	// EllipticCurve defaults to "P256"; the tag lists P256, P384 and P521 as
	// the supported values.
	EllipticCurve EllipticCurve `yaml:"ellipticCurve" long:"ellipticCurve" default:"P256" description:"supported values:P256, P384, P521"`
	// SignatureAlgorithm: tag elided, default not visible here. Presumably
	// one of the SignatureAlgorithmECDSAWith* constants; confirm.
	SignatureAlgorithm SignatureAlgorithm `` /* 146-byte string literal not displayed */
}
func (Configuration) AsnExtensionKeyUsages ¶
func (cfg Configuration) AsnExtensionKeyUsages() ([]asn1.ObjectIdentifier, error)
func (Configuration) AsnKeyUsages ¶
func (cfg Configuration) AsnKeyUsages() (asn1.BitString, error)
func (Configuration) GenerateKey ¶
func (cfg Configuration) GenerateKey() (*ecdsa.PrivateKey, error)
func (Configuration) ToEllipticCurve ¶
func (cfg Configuration) ToEllipticCurve() (elliptic.Curve, error)
func (Configuration) ToIPAddresses ¶
func (cfg Configuration) ToIPAddresses() ([]net.IP, error)
func (Configuration) ToPkixName ¶
func (cfg Configuration) ToPkixName() pkix.Name
func (Configuration) ToSignatureAlgorithm ¶
func (cfg Configuration) ToSignatureAlgorithm() (x509.SignatureAlgorithm, error)
func (Configuration) ToValidFrom ¶
func (cfg Configuration) ToValidFrom() (time.Time, error)
func (Configuration) X509ExtKeyUsages ¶
func (cfg Configuration) X509ExtKeyUsages() ([]x509.ExtKeyUsage, []asn1.ObjectIdentifier, error)
func (Configuration) X509KeyUsages ¶
func (cfg Configuration) X509KeyUsages() (x509.KeyUsage, error)
type EllipticCurve ¶
// EllipticCurve is the string name of an elliptic curve. The declared values
// are EllipticCurveP256, EllipticCurveP384 and EllipticCurveP521.
type EllipticCurve string
type SignatureAlgorithm ¶
// SignatureAlgorithm is the string name of a certificate signature algorithm.
// The declared values are the SignatureAlgorithmECDSAWithSHA256, -SHA384 and
// -SHA512 constants.
type SignatureAlgorithm string