pki

package
v0.15.16-rc7

This package is not in the latest version of its module.

Published: Jul 3, 2021 License: Apache-2.0 Imports: 31 Imported by: 4

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetConfigPath

func GetConfigPath() string

GetConfigPath returns the directory where the configuration files are stored based on the STEPPATH environment variable.

func GetDBPath

func GetDBPath() string

GetDBPath returns the path where the file-system persistence is stored based on the STEPPATH environment variable.

func GetOTTKeyPath

func GetOTTKeyPath() string

GetOTTKeyPath returns the path where the one-time token key is stored based on the STEPPATH environment variable.

func GetProvisionerKey

func GetProvisionerKey(caURL, rootFile, kid string) (string, error)

GetProvisionerKey returns the encrypted provisioner key for the given kid.

func GetProvisioners

func GetProvisioners(caURL, rootFile string) (provisioner.List, error)

GetProvisioners returns the list of provisioners on the given CA.

func GetPublicPath

func GetPublicPath() string

GetPublicPath returns the directory where the public keys are stored based on the STEPPATH environment variable.

func GetRootCAPath

func GetRootCAPath() string

GetRootCAPath returns the path where the root CA is stored based on the STEPPATH environment variable.

func GetSecretsPath

func GetSecretsPath() string

GetSecretsPath returns the directory where the private keys are stored based on the STEPPATH environment variable.

func GetTemplatesPath (added in v0.14.0)

func GetTemplatesPath() string

GetTemplatesPath returns the path where the templates are stored.

Types

type Option

type Option func(c *authconfig.Config) error

Option is the type for modifiers over the auth config object.

func WithDefaultDB

func WithDefaultDB() Option

WithDefaultDB is a configuration modifier that adds a default DB stanza to the authority config.

func WithoutDB

func WithoutDB() Option

WithoutDB is a configuration modifier that removes the DB stanza from the authority config.

type PKI

type PKI struct {
	// contains filtered or unexported fields
}

PKI represents the Public Key Infrastructure used by a certificate authority.

func New

func New(opts apiv1.Options) (*PKI, error)

New creates a new PKI configuration.

func (*PKI) CreateCertificateAuthorityResponse (added in v0.15.6)

func (p *PKI) CreateCertificateAuthorityResponse(cert *x509.Certificate, key crypto.PrivateKey) *apiv1.CreateCertificateAuthorityResponse

CreateCertificateAuthorityResponse returns a CreateCertificateAuthorityResponse that can be used as a parent of a CreateCertificateAuthority request.

func (*PKI) GenerateConfig

func (p *PKI) GenerateConfig(opt ...Option) (*authconfig.Config, error)

GenerateConfig returns the step certificates configuration.

func (*PKI) GenerateIntermediateCertificate

func (p *PKI) GenerateIntermediateCertificate(name, org, resource string, parent *apiv1.CreateCertificateAuthorityResponse, pass []byte) error

GenerateIntermediateCertificate generates an intermediate certificate with the given name and using the default key type.

func (*PKI) GenerateKeyPairs

func (p *PKI) GenerateKeyPairs(pass []byte) error

GenerateKeyPairs generates the key pairs used by the certificate authority.

func (*PKI) GenerateRootCertificate

func (p *PKI) GenerateRootCertificate(name, org, resource string, pass []byte) (*apiv1.CreateCertificateAuthorityResponse, error)

GenerateRootCertificate generates a root certificate with the given name and using the default key type.

func (*PKI) GenerateSSHSigningKeys

func (p *PKI) GenerateSSHSigningKeys(password []byte) error

GenerateSSHSigningKeys generates and encrypts a private key used for signing SSH user certificates and a private key used for signing host certificates.

func (*PKI) GetCAConfigPath

func (p *PKI) GetCAConfigPath() string

GetCAConfigPath returns the path of the CA configuration file.

func (*PKI) GetCertificateAuthority (added in v0.15.5)

func (p *PKI) GetCertificateAuthority() error

GetCertificateAuthority attempts to load the certificate authority from the RA.

func (*PKI) GetRootFingerprint

func (p *PKI) GetRootFingerprint() string

GetRootFingerprint returns the root fingerprint.

func (*PKI) Save

func (p *PKI) Save(opt ...Option) error

Save stores the PKI in a JSON file that will be used as the certificate authority configuration.

func (*PKI) SetAddress

func (p *PKI) SetAddress(s string)

SetAddress sets the listening address of the CA.

func (*PKI) SetCAURL

func (p *PKI) SetCAURL(s string)

SetCAURL sets the ca-url to use in the defaults.json.

func (*PKI) SetDNSNames

func (p *PKI) SetDNSNames(s []string)

SetDNSNames sets the DNS names of the CA.

func (*PKI) SetProvisioner

func (p *PKI) SetProvisioner(s string)

SetProvisioner sets the provisioner name of the OTT keys.

func (*PKI) TellPKI

func (p *PKI) TellPKI()

TellPKI outputs the locations of the public and private keys generated for a new PKI. Generally this will consist of a root certificate and key and an intermediate certificate and key.

func (*PKI) WriteIntermediateCertificate (added in v0.15.2)

func (p *PKI) WriteIntermediateCertificate(crt *x509.Certificate, key interface{}, pass []byte) error

WriteIntermediateCertificate writes to disk the given certificate and key.

func (*PKI) WriteRootCertificate

func (p *PKI) WriteRootCertificate(rootCrt *x509.Certificate, rootKey interface{}, pass []byte) error

WriteRootCertificate writes to disk the given certificate and key.
