pki

package
v1.6.1 Latest

Warning: This package is not in the latest version of its module.

Published: Jun 7, 2022 | License: GPL-3.0 | Imports: 11 | Imported by: 0

Documentation

Constants

const (
	Issued    = 0
	NotNeeded = 1
	Error     = 2
)

Variables

This section is empty.

Functions

This section is empty.

Types

type CertBackend added in v1.5.0

type CertBackend interface {
	Write(cert *CertData) error
	Read() (*x509.Certificate, error)
}

CertBackend defines pluggable backends to write certificate data to.

type CertData added in v1.5.0

type CertData struct {
	PrivateKey  []byte
	Certificate []byte
	CaChain     []byte
	Csr         []byte
}

func (*CertData) AsContainer added in v1.5.0

func (certData *CertData) AsContainer() string

func (*CertData) HasCaChain added in v1.5.0

func (cert *CertData) HasCaChain() bool

func (*CertData) HasCertificate added in v1.5.0

func (cert *CertData) HasCertificate() bool

func (*CertData) HasPrivateKey added in v1.5.0

func (cert *CertData) HasPrivateKey() bool

type IssueOutcome

type IssueOutcome int

type KeyPod

type KeyPod interface {
	Read() ([]byte, error)
	CanRead() error
	Write([]byte) error
	CanWrite() error
}

KeyPod is a simple wrapper around a key (which is itself just a byte stream). This decouples the key's storage implementation (file-based, memory, network, ...) from the code that uses it, so backends are easy to swap and to test.
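
An added example, not code from this package: a hypothetical file-backed `FilePod` that satisfies the `KeyPod` interface above, rejecting key files that group or others can access and writing through a 0600 temporary file. The type name, file names and permission policy are assumptions, and the mode check is only meaningful on POSIX file systems.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
)

type KeyPod interface { // copied from the interface documented on this page
	Read() ([]byte, error)
	CanRead() error
	Write([]byte) error
	CanWrite() error
}

type FilePod struct{ Path string } // hypothetical file-backed KeyPod, not package code
func (f FilePod) Read() ([]byte, error) { return os.ReadFile(f.Path) }

func (f FilePod) CanRead() error {
	info, err := os.Stat(f.Path)
	if err == nil && info.Mode().Perm()&0o077 != 0 {
		err = fmt.Errorf("%s: mode %04o lets group or others access the key", f.Path, info.Mode().Perm())
	}
	return err
}

// Write stages the key in a 0600 temp file, then renames it into place.
func (f FilePod) Write(data []byte) error {
	tmp, err := os.CreateTemp(filepath.Dir(f.Path), ".keypod-*")
	if err != nil {
		return err
	}
	defer os.Remove(tmp.Name()) // fails harmlessly after a successful rename
	_, werr := tmp.Write(data)
	if err = errors.Join(werr, tmp.Close()); err != nil {
		return err
	}
	return os.Rename(tmp.Name(), f.Path)
}

func (f FilePod) CanWrite() error {
	_, err := os.Stat(filepath.Dir(f.Path))
	return err
}

func main() {
	var pod KeyPod = FilePod{Path: filepath.Join(os.TempDir(), "keypod-demo.key")}
	fmt.Println(pod.Write([]byte("constructed sample, not a real key")), pod.CanRead())
}
```

Because the rename replaces the target file, rewriting a key that was previously left at a wider mode also brings it back to 0600.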

type Pki

type Pki interface {
	// Issue issues a new certificate from the PKI
	Issue(opts conf.IssueArguments) (*CertData, error)

	// Sign signs a CSR
	Sign(csr string, opts conf.SignArguments) (*Signature, error)

	// Revoke revokes a certificate by its serial number
	Revoke(serial string) error

	// Tidy cleans up the PKI blob storage of dangling certificates
	Tidy() error

	// Cleanup cleans up the resources used by the client; it is not related to PKI operations
	Cleanup() error
}

type PkiCli

type PkiCli struct {
	// contains filtered or unexported fields
}

func NewPki

func NewPki(pki Pki, strategy issue_strategies.IssueStrategy) (*PkiCli, error)

func (*PkiCli) Issue

func (p *PkiCli) Issue(format CertBackend, opts conf.IssueArguments) (IssueOutcome, error)

func (*PkiCli) Revoke

func (p *PkiCli) Revoke(serial string) error

func (*PkiCli) Sign added in v1.4.0

func (p *PkiCli) Sign(csrPod, certPod KeyPod, opts conf.SignArguments) error

func (*PkiCli) Tidy

func (p *PkiCli) Tidy() error

type Signature added in v1.4.0

type Signature struct {
	Certificate []byte
	CaChain     []byte
	Serial      string
}
