cert

package

v1.60.3 Latest Latest Go to latest Published: Sep 11, 2024 License: Apache-2.0 Imports: 18 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubevirt/containerized-data-importer

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func EncodeCertPEM(cert *x509.Certificate) []byte
func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte
func EncodePublicKeyPEM(key *rsa.PublicKey) ([]byte, error)
func GenerateSelfSignedCertKey(host string, alternateIPs []net.IP, alternateDNS []string) ([]byte, []byte, error)
func GenerateSelfSignedCertKeyWithFixtures(host string, alternateIPs []net.IP, alternateDNS []string, ...) ([]byte, []byte, error)
func MakeEllipticPrivateKeyPEM() ([]byte, error)
func NewPrivateKey() (*rsa.PrivateKey, error)
func NewSelfSignedCACert(cfg Config, key crypto.Signer) (*x509.Certificate, error)
func NewSignedCert(cfg Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)
func ParseCertsPEM(pemCerts []byte) ([]*x509.Certificate, error)
func ParsePrivateKeyPEM(keyData []byte) (interface{}, error)
func ParsePublicKeysPEM(keyData []byte) ([]interface{}, error)
type AltNames
type Config

Constants ¶

View Source

const (
	// ECPrivateKeyBlockType is a possible value for pem.Block.Type.
	ECPrivateKeyBlockType = "EC PRIVATE KEY"
	// RSAPrivateKeyBlockType is a possible value for pem.Block.Type.
	RSAPrivateKeyBlockType = "RSA PRIVATE KEY"
	// PrivateKeyBlockType is a possible value for pem.Block.Type.
	PrivateKeyBlockType = "PRIVATE KEY"
	// PublicKeyBlockType is a possible value for pem.Block.Type.
	PublicKeyBlockType = "PUBLIC KEY"
	// CertificateBlockType is a possible value for pem.Block.Type.
	CertificateBlockType = "CERTIFICATE"
	// CertificateRequestBlockType is a possible value for pem.Block.Type.
	CertificateRequestBlockType = "CERTIFICATE REQUEST"
)

Variables ¶

This section is empty.

Functions ¶

func EncodeCertPEM ¶

func EncodeCertPEM(cert *x509.Certificate) []byte

EncodeCertPEM returns PEM-endcoded certificate data

func EncodePrivateKeyPEM ¶

func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte

EncodePrivateKeyPEM returns PEM-encoded private key data

func EncodePublicKeyPEM ¶

func EncodePublicKeyPEM(key *rsa.PublicKey) ([]byte, error)

EncodePublicKeyPEM returns PEM-encoded public data

func GenerateSelfSignedCertKey ¶

func GenerateSelfSignedCertKey(host string, alternateIPs []net.IP, alternateDNS []string) ([]byte, []byte, error)

GenerateSelfSignedCertKey creates a self-signed certificate and key for the given host. Host may be an IP or a DNS name You may also specify additional subject alt names (either ip or dns names) for the certificate.

func GenerateSelfSignedCertKeyWithFixtures ¶

func GenerateSelfSignedCertKeyWithFixtures(host string, alternateIPs []net.IP, alternateDNS []string, fixtureDirectory string) ([]byte, []byte, error)

GenerateSelfSignedCertKeyWithFixtures creates a self-signed certificate and key for the given host. Host may be an IP or a DNS name. You may also specify additional subject alt names (either ip or dns names) for the certificate.

If fixtureDirectory is non-empty, it is a directory path which can contain pre-generated certs. The format is: <host>_<ip>-<ip>_<alternateDNS>-<alternateDNS>.crt <host>_<ip>-<ip>_<alternateDNS>-<alternateDNS>.key Certs/keys not existing in that directory are created.

func MakeEllipticPrivateKeyPEM ¶

func MakeEllipticPrivateKeyPEM() ([]byte, error)

MakeEllipticPrivateKeyPEM creates an ECDSA private key

func NewPrivateKey ¶

func NewPrivateKey() (*rsa.PrivateKey, error)

NewPrivateKey creates an RSA private key

func NewSelfSignedCACert ¶

func NewSelfSignedCACert(cfg Config, key crypto.Signer) (*x509.Certificate, error)

NewSelfSignedCACert creates a CA certificate

func NewSignedCert ¶

func NewSignedCert(cfg Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)

NewSignedCert creates a signed certificate using the given CA certificate and key

func ParseCertsPEM ¶

func ParseCertsPEM(pemCerts []byte) ([]*x509.Certificate, error)

ParseCertsPEM returns the x509.Certificates contained in the given PEM-encoded byte array Returns an error if a certificate could not be parsed, or if the data does not contain any certificates

func ParsePrivateKeyPEM ¶

func ParsePrivateKeyPEM(keyData []byte) (interface{}, error)

ParsePrivateKeyPEM returns a private key parsed from a PEM block in the supplied data. Recognizes PEM blocks for "EC PRIVATE KEY", "RSA PRIVATE KEY", or "PRIVATE KEY"

func ParsePublicKeysPEM ¶

func ParsePublicKeysPEM(keyData []byte) ([]interface{}, error)

ParsePublicKeysPEM is a helper function for reading an array of rsa.PublicKey or ecdsa.PublicKey from a PEM-encoded byte array. Reads public keys from both public and private key files.

Types ¶

type AltNames ¶

type AltNames struct {
	DNSNames []string
	IPs      []net.IP
}

AltNames contains the domain names and IP addresses that will be added to the API Server's x509 certificate SubAltNames field. The values will be passed directly to the x509.Certificate object.

type Config ¶

type Config struct {
	CommonName   string
	Organization []string
	AltNames     AltNames
	Usages       []x509.ExtKeyUsage
}

Config contains the basic fields required for creating a certificate

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
fetcher
generator
triple Package triple generates key-certificate pairs for the triple (CA, Server, Client).	Package triple generates key-certificate pairs for the triple (CA, Server, Client).
watcher

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL