cert

package

v0.6.3 Latest Latest Go to latest Published: Jun 10, 2020 License: MIT Imports: 21 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/f110/heimdallr

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func CreateCertificateAuthority(commonName, org, orgUnit, country string) (*x509.Certificate, crypto.PrivateKey, error)
func CreateCertificateAuthorityForConfig(conf *config.Config) (*x509.Certificate, crypto.PrivateKey, error)
func CreateCertificateRequest(subject pkix.Name, dnsName []string) ([]byte, *ecdsa.PrivateKey, error)
func CreateNewCertificateForClient(name pkix.Name, serial *big.Int, keyType string, keyBits int, password string, ...) ([]byte, *x509.Certificate, error)
func GenerateMutualTLSCertificate(ca *x509.Certificate, caPrivateKey crypto.PrivateKey, dnsNames []string, ...) (*x509.Certificate, crypto.PrivateKey, error)
func GenerateServerCertificate(ca *x509.Certificate, caPrivateKey crypto.PrivateKey, dnsNames []string) (*x509.Certificate, crypto.PrivateKey, error)
func NewSerialNumber() (*big.Int, error)
func PemEncode(path, typ string, b []byte, headers map[string]string) error
func SigningCertificateRequest(r *x509.CertificateRequest, ca *config.CertificateAuthority) (*x509.Certificate, error)
type CertificateAuthority
- func NewCertificateAuthority(db database.CertificateAuthority, ca *config.CertificateAuthority) *CertificateAuthority

Constants ¶

View Source

const (
	CertificateExpirationYear = 10 // year
)

Variables ¶

View Source

var ErrCertificateNotFound = errors.New("cert: certificate not found")

Functions ¶

func CreateCertificateAuthority ¶

func CreateCertificateAuthority(commonName, org, orgUnit, country string) (*x509.Certificate, crypto.PrivateKey, error)

func CreateCertificateAuthorityForConfig ¶

func CreateCertificateAuthorityForConfig(conf *config.Config) (*x509.Certificate, crypto.PrivateKey, error)

func CreateCertificateRequest ¶

func CreateCertificateRequest(subject pkix.Name, dnsName []string) ([]byte, *ecdsa.PrivateKey, error)

func CreateNewCertificateForClient ¶

func CreateNewCertificateForClient(name pkix.Name, serial *big.Int, keyType string, keyBits int, password string, ca *config.CertificateAuthority) ([]byte, *x509.Certificate, error)

func GenerateMutualTLSCertificate ¶

func GenerateMutualTLSCertificate(ca *x509.Certificate, caPrivateKey crypto.PrivateKey, dnsNames []string, ips []string) (*x509.Certificate, crypto.PrivateKey, error)

GenerateMutualTLSCertificate will generate a certificate and a private key for server and client auth.

func GenerateServerCertificate ¶

func GenerateServerCertificate(ca *x509.Certificate, caPrivateKey crypto.PrivateKey, dnsNames []string) (*x509.Certificate, crypto.PrivateKey, error)

GenerateServerCertificate will generate a certificate and a private key for server auth. Generated private key is ecdsa 256-bit. The expiration of the certificate is 1 year.

func NewSerialNumber ¶

func NewSerialNumber() (*big.Int, error)

func PemEncode ¶

func PemEncode(path, typ string, b []byte, headers map[string]string) error

func SigningCertificateRequest ¶

func SigningCertificateRequest(r *x509.CertificateRequest, ca *config.CertificateAuthority) (*x509.Certificate, error)

Types ¶

type CertificateAuthority ¶

type CertificateAuthority struct {
	// contains filtered or unexported fields
}

func NewCertificateAuthority ¶

func NewCertificateAuthority(db database.CertificateAuthority, ca *config.CertificateAuthority) *CertificateAuthority

func (*CertificateAuthority) GetRevokedCertificates ¶

func (ca *CertificateAuthority) GetRevokedCertificates(ctx context.Context) ([]*database.RevokedCertificate, error)

func (*CertificateAuthority) GetSignedCertificate ¶

func (ca *CertificateAuthority) GetSignedCertificate(ctx context.Context, serial *big.Int) (*database.SignedCertificate, error)

func (*CertificateAuthority) GetSignedCertificates ¶

func (ca *CertificateAuthority) GetSignedCertificates(ctx context.Context) ([]*database.SignedCertificate, error)

func (*CertificateAuthority) NewAgentCertificate ¶

func (ca *CertificateAuthority) NewAgentCertificate(ctx context.Context, name, password, comment string) (*database.SignedCertificate, error)

func (*CertificateAuthority) NewClientCertificate ¶

func (ca *CertificateAuthority) NewClientCertificate(ctx context.Context, name, keyType string, keyBits int, password, comment string) (*database.SignedCertificate, error)

func (*CertificateAuthority) NewServerCertificate ¶

func (ca *CertificateAuthority) NewServerCertificate(commonName string) (*x509.Certificate, crypto.PrivateKey, error)

func (*CertificateAuthority) Revoke ¶

func (ca *CertificateAuthority) Revoke(ctx context.Context, certificate *database.SignedCertificate) error

func (*CertificateAuthority) SignCertificateRequest ¶

func (ca *CertificateAuthority) SignCertificateRequest(ctx context.Context, csr *x509.CertificateRequest, comment string, forAgent bool) (*database.SignedCertificate, error)

func (*CertificateAuthority) WatchRevokeCertificate ¶

func (ca *CertificateAuthority) WatchRevokeCertificate() chan *database.RevokedCertificate

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL