ca

package

v0.5.0 Latest Latest Go to latest Published: Jun 6, 2022 License: Apache-2.0 Imports: 7 Imported by: 3

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/sigstore/fulcio

Links

Open Source Insights

Documentation ¶

Index ¶

type CertificateAuthority
type CodeSigningCertificate
- func CreateCSCFromDER(cert []byte, chain []*x509.Certificate) (*CodeSigningCertificate, error)
- func CreateCSCFromPEM(cert string, chain []string) (*CodeSigningCertificate, error)
- func (c *CodeSigningCertificate) CertPEM() (string, error)
- func (c *CodeSigningCertificate) ChainPEM() ([]string, error)
type CodeSigningPreCertificate
type EmbeddedSCTCA
type ValidationError

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CertificateAuthority ¶

type CertificateAuthority interface {
	CreateCertificate(context.Context, identity.Principal, crypto.PublicKey) (*CodeSigningCertificate, error)
	Root(ctx context.Context) ([]byte, error)
}

CertificateAuthority implements certificate creation with a detached SCT and fetching the CA trust bundle.

type CodeSigningCertificate ¶

type CodeSigningCertificate struct {
	FinalCertificate *x509.Certificate
	FinalChain       []*x509.Certificate
	// contains filtered or unexported fields
}

func CreateCSCFromDER ¶

func CreateCSCFromDER(cert []byte, chain []*x509.Certificate) (*CodeSigningCertificate, error)

func CreateCSCFromPEM ¶

func CreateCSCFromPEM(cert string, chain []string) (*CodeSigningCertificate, error)

func (*CodeSigningCertificate) CertPEM ¶

func (c *CodeSigningCertificate) CertPEM() (string, error)

func (*CodeSigningCertificate) ChainPEM ¶

func (c *CodeSigningCertificate) ChainPEM() ([]string, error)

type CodeSigningPreCertificate ¶

type CodeSigningPreCertificate struct {
	// PreCert contains the precertificate. Not a valid certificate due to a critical poison extension.
	PreCert *x509.Certificate
	// CertChain contains the certificate chain to verify the precertificate.
	CertChain []*x509.Certificate
	// PrivateKey contains the signing key used to sign the precertificate. Will be used to sign the certificate.
	// Included in case the signing key is rotated in between precertificate generation and final issuance.
	PrivateKey crypto.Signer
}

CodeSigningPreCertificate holds a precertificate and chain.

type EmbeddedSCTCA ¶

type EmbeddedSCTCA interface {
	CreatePrecertificate(context.Context, identity.Principal, crypto.PublicKey) (*CodeSigningPreCertificate, error)
	IssueFinalCertificate(ctx context.Context, precert *CodeSigningPreCertificate, sct *ct.SignedCertificateTimestamp) (*CodeSigningCertificate, error)
}

EmbeddedSCTCA implements precertificate and certificate issuance. Certificates will contain an embedded SCT.

type ValidationError ¶

type ValidationError error

ValidationError indicates that there is an issue with the content in the HTTP Request that should result in an HTTP 400 Bad Request error being returned to the client

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
ephemeralca
fileca
googleca
v1
intermediateca
kmsca
x509ca

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL