pki

package
v0.1.14 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 3, 2017 License: AGPL-3.0 Imports: 10 Imported by: 0

Documentation

Overview

Package pki contains bits and pieces to work with OpenVPN PKI related operations.

Index

Constants

View Source
const (
	PEMCertificateBlockType   string = "CERTIFICATE"
	PEMRSAPrivateKeyBlockType        = "RSA PRIVATE KEY"
	PEMx509CRLBlockType              = "X509 CRL"
	PEMCSRBlockType                  = "CERTIFICATE REQUEST"
)

PEM encoding types

Variables

This section is empty.

Functions

func NewCRL

func NewCRL(ca *CA, serials ...*big.Int) (string, error)

NewCRL takes in a list of certificate serial numbers to-be-revoked and a CA then makes a PEM encoded CRL and returns it as a string.

func ReadCertFromPEM

func ReadCertFromPEM(s string) (*x509.Certificate, error)

ReadCertFromPEM decodes a PEM encoded string into a x509.Certificate.

Types

type CA

type CA struct {
	CertHolder
	CSR string
}

CA is a special type of CertHolder that also has a CSR in it.

func NewCA

func NewCA() (*CA, error)

NewCA returns a newly generated CA.

This will generate a public/private RSA keypair and a authority certificate signed by itself.

type CertHolder

type CertHolder struct {
	Cert string // PEM Encoded Certificate
	Key  string // PEM Encoded Private Key
}

CertHolder encapsulates a public certificate and the corresponding private key.

func NewClientCertHolder

func NewClientCertHolder(ca *CA, username string) (*CertHolder, error)

NewClientCertHolder generates a RSA key-pair and a x509 certificate signed by the CA for the client.

func NewServerCertHolder

func NewServerCertHolder(ca *CA) (*CertHolder, error)

NewServerCertHolder generates a RSA key-pair and a x509 certificate signed by the CA for the server.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL