generateCertificate

package
v2.5.3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 27, 2024 License: Apache-2.0 Imports: 17 Imported by: 5

Documentation

Index

Constants

// Names of the elliptic curves that a Configuration can select for ECDSA keys.
const (
	EllipticCurveP256 EllipticCurve = "P256"
	EllipticCurveP384 EllipticCurve = "P384"
	EllipticCurveP521 EllipticCurve = "P521"
)

// Names of the ECDSA signature algorithms that a Configuration can select.
//
// NOTE(review): nothing in these declarations ties the digest to the curve.
// The conventional pairing is P256 with SHA-256, P384 with SHA-384 and P521
// with SHA-512; confirm whether the package enforces or only permits it.
const (
	SignatureAlgorithmECDSAWithSHA256 SignatureAlgorithm = "ECDSA-SHA256"
	SignatureAlgorithmECDSAWithSHA384 SignatureAlgorithm = "ECDSA-SHA384"
	SignatureAlgorithmECDSAWithSHA512 SignatureAlgorithm = "ECDSA-SHA512"
)

Variables

This section is empty.

Functions

func GenerateCSR

func GenerateCSR(cfg Configuration, privateKey *ecdsa.PrivateKey) ([]byte, error)

GenerateCSR creates a certificate signing request (CSR) according to the configuration.

func GenerateCert

func GenerateCert(cfg Configuration, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, signerCAKey *ecdsa.PrivateKey) ([]byte, error)

func GenerateIdentityCSR

func GenerateIdentityCSR(cfg Configuration, deviceID string, privateKey *ecdsa.PrivateKey) ([]byte, error)

GenerateIdentityCSR creates an identity CSR according to the configuration.

func GenerateIdentityCert

func GenerateIdentityCert(cfg Configuration, deviceID string, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, signerCAKey *ecdsa.PrivateKey) ([]byte, error)

func GenerateIntermediateCA

func GenerateIntermediateCA(cfg Configuration, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, signerCAKey *ecdsa.PrivateKey) ([]byte, error)

func GenerateRootCA

func GenerateRootCA(cfg Configuration, privateKey *ecdsa.PrivateKey) ([]byte, error)

func NewIdentityCSRTemplate

func NewIdentityCSRTemplate(deviceID string) (*x509.CertificateRequest, error)

func OidFromExtKeyUsage

func OidFromExtKeyUsage(eku x509.ExtKeyUsage) (oid asn1.ObjectIdentifier, ok bool)

Types

type Configuration

// Configuration collects the settings passed to the key, CSR and certificate
// generators of this package: subject, subject alternative names, basic
// constraints, validity window, key usages, elliptic curve and signature
// algorithm. Each field carries a yaml tag plus command-line option tags
// (long, default, description).
type Configuration struct {
	// Subject holds the subject name attributes. List-valued attributes are
	// set by repeating the option (per the descriptions).
	// NOTE(review): presumably consumed by ToPkixName — confirm.
	Subject struct {
		Country            []string `yaml:"country" long:"c" description:"to set more values repeat option with parameter"`
		Organization       []string `yaml:"organization" long:"o" description:"to set more values repeat option with parameter"`
		OrganizationalUnit []string `yaml:"organizationUnit" long:"ou" description:"to set more values repeat option with parameter"`
		Locality           []string `yaml:"locality" long:"l" description:"to set more values repeat option with parameter"`
		CommonName         string   `yaml:"commonName" long:"cn"`
		Province           []string `yaml:"province" long:"p" description:"to set more values repeat option with parameter"`
		StreetAddress      []string `yaml:"streetAddress" long:"sa" description:"to set more values repeat option with parameter"`
		PostalCode         []string `yaml:"postalCode" long:"pc" description:"to set more values repeat option with parameter"`
		SerialNumber       string   `yaml:"serialNumber" long:"sn"`
	} `yaml:"subject" group:"Subject" namespace:"subject"`
	// SubjectAlternativeName lists the DNS names and IP addresses for the
	// certificate. IP addresses are plain strings at this point.
	// NOTE(review): ToIPAddresses returns ([]net.IP, error), so malformed
	// entries are presumably rejected there — confirm.
	SubjectAlternativeName struct {
		DNSNames    []string `yaml:"dnsNames" long:"domain" description:"to set more values repeat option with parameter"`
		IPAddresses []string `yaml:"ipAddresses" long:"ip" description:"to set more values repeat option with parameter"`
	} `yaml:"subjectAlternativeName" group:"Subject Alternative Name" namespace:"san"`
	// BasicConstraints controls the basic constraints extension.
	// Ignore: when true, basic constraints are not set (per the description).
	// MaxPathLen: defaults to -1, which the description defines as unlimited.
	// NOTE(review): a CA certificate without a path length limit places no
	// bound on the depth of subordinate CAs below it; consider an explicit
	// value when generating intermediate CAs, and confirm how the CA
	// generators apply this field.
	BasicConstraints struct {
		Ignore     bool `yaml:"ignore" long:"ignore"  description:"bool, don't set basic constraints"`
		MaxPathLen int  `yaml:"maxPathLen" long:"maxPathLen" default:"-1"  description:"int, -1 means unlimited"`
	} `yaml:"basicConstraints" group:"Basic Constraints" namespace:"basicConstraints"`
	// ValidFrom is the start of validity: "now" by default, otherwise an
	// RFC3339 timestamp. ValidFor is the validity duration, 8760h (365 days)
	// by default.
	ValidFrom string        `yaml:"validFrom" long:"validFrom" default:"now" description:"valid from time, format in RFC3339 (eg:2014-11-12T11:45:00Z)"`
	ValidFor  time.Duration `yaml:"validFor" long:"validFor" default:"8760h" description:"duration, format in NUMh"`
	// NotBefore and NotAfter: the tags are not displayed in this listing.
	// NOTE(review): how they interact with ValidFrom/ValidFor (which one
	// takes precedence) cannot be determined from here — TODO confirm.
	NotBefore string        `` /* 128-byte string literal not displayed */
	NotAfter  string        `` /* 131-byte string literal not displayed */
	// KeyUsages names the key usages as strings; the tag is not displayed.
	// NOTE(review): presumably translated by X509KeyUsages / AsnKeyUsages —
	// confirm the accepted values there and request only the usages needed.
	//nolint:staticcheck
	KeyUsages []string `` /* 138-byte string literal not displayed */
	// ExtensionKeyUsages names the extended key usages as strings; the tag
	// is not displayed.
	// NOTE(review): presumably translated by X509ExtKeyUsages /
	// AsnExtensionKeyUsages — confirm the accepted values there.
	//nolint:staticcheck
	ExtensionKeyUsages []string           `` /* 132-byte string literal not displayed */
	// EllipticCurve selects the curve; default P256, supported values P256,
	// P384 and P521 (per the description).
	EllipticCurve      EllipticCurve      `yaml:"ellipticCurve" long:"ellipticCurve" default:"P256" description:"supported values:P256, P384, P521"`
	// SignatureAlgorithm selects the signature algorithm; the tag (and so
	// the default) is not displayed in this listing. The package constants
	// define ECDSA-SHA256, ECDSA-SHA384 and ECDSA-SHA512.
	SignatureAlgorithm SignatureAlgorithm `` /* 146-byte string literal not displayed */
}

func (Configuration) AsnExtensionKeyUsages

func (cfg Configuration) AsnExtensionKeyUsages() ([]asn1.ObjectIdentifier, error)

func (Configuration) AsnKeyUsages

func (cfg Configuration) AsnKeyUsages() (asn1.BitString, error)

func (Configuration) GenerateKey

func (cfg Configuration) GenerateKey() (*ecdsa.PrivateKey, error)

func (Configuration) ToEllipticCurve

func (cfg Configuration) ToEllipticCurve() (elliptic.Curve, error)

func (Configuration) ToIPAddresses

func (cfg Configuration) ToIPAddresses() ([]net.IP, error)

func (Configuration) ToPkixName

func (cfg Configuration) ToPkixName() pkix.Name

func (Configuration) ToSignatureAlgorithm

func (cfg Configuration) ToSignatureAlgorithm() (x509.SignatureAlgorithm, error)

func (Configuration) ToValidFrom

func (cfg Configuration) ToValidFrom() (time.Time, error)

func (Configuration) X509ExtKeyUsages

func (cfg Configuration) X509ExtKeyUsages() ([]x509.ExtKeyUsage, []asn1.ObjectIdentifier, error)

func (Configuration) X509KeyUsages

func (cfg Configuration) X509KeyUsages() (x509.KeyUsage, error)

type EllipticCurve

// EllipticCurve is the string name of an elliptic curve. The package defines
// EllipticCurveP256, EllipticCurveP384 and EllipticCurveP521.
// NOTE(review): any string converts to this type; ToEllipticCurve returns an
// error, presumably for unsupported names — confirm.
type EllipticCurve string

type SignatureAlgorithm

// SignatureAlgorithm is the string name of a signature algorithm. The package
// defines SignatureAlgorithmECDSAWithSHA256, SignatureAlgorithmECDSAWithSHA384
// and SignatureAlgorithmECDSAWithSHA512.
// NOTE(review): any string converts to this type; ToSignatureAlgorithm returns
// an error, presumably for unsupported names — confirm.
type SignatureAlgorithm string
