pki

package

v0.0.0-...-3442565 Latest Latest Go to latest Published: Apr 29, 2024 License: Apache-2.0 Imports: 21 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubernetes-sigs/etcdadm

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func ParseHumanDuration(s string) (time.Duration, error)
func ParseOneCertificate(b []byte) (*x509.Certificate, error)
type CA
- func NewCA(s Store) (*CA, error)
- func (c *CA) CertPool() *x509.CertPool
type FSStore
- func NewFSStore(basedir string) *FSStore
- func (s *FSStore) Keypair(name string) MutableKeypair
- func (s *FSStore) LoadCA(name string) (*CA, error)
- func (s *FSStore) WriteCABundle(ca *CA) error
type InMemoryMutableKeypair
- func (s *InMemoryMutableKeypair) MutateKeypair(mutator func(keypair *Keypair) error) (*Keypair, error)
type InMemoryStore
- func NewInMemoryStore() *InMemoryStore
- func (s *InMemoryStore) Keypair(name string) MutableKeypair
type Keypair
type Keypairs
- func NewKeypairs(store Store, ca *CA) *Keypairs
- func (k *Keypairs) CA() *CA
- func (k *Keypairs) EnsureKeypair(name string, config certutil.Config) (*Keypair, error)
type MutableKeypair
type MutableKeypairFromFile
- func (s *MutableKeypairFromFile) MutateKeypair(mutator func(keypair *Keypair) error) (*Keypair, error)
type Store

Constants ¶

View Source

const (
	// CertificateBlockType is a possible value for pem.Block.Type.
	CertificateBlockType = "CERTIFICATE"

	// RSAPrivateKeyBlockType is a possible value for pem.Block.Type.
	RSAPrivateKeyBlockType = "RSA PRIVATE KEY"
)

Variables ¶

View Source

var CertDuration = 2 * 365 * 24 * time.Hour

CertDuration controls how long we issue certificates for. We set it to a longer time period, primarily because we don't have a nice means of rotation. This was historically one year, but we now set it to two years, with kubernetes LTS proposing one year's support.

View Source

var CertMinTimeLeft = 20 * 365 * 24 * time.Hour

CertMinTimeLeft is the minimum amount of validity required on a certificate to reuse it. Because we set this (much) higher than CertDuration, we will now always reissue certificates.

Functions ¶

func ParseHumanDuration ¶

func ParseHumanDuration(s string) (time.Duration, error)

ParseHumanDuration parses a go-style duration string, but recognizes additional suffixes: d means "day" and is interpreted as 24 hours; y means "year" and is interpreted as 365 days.

func ParseOneCertificate ¶

func ParseOneCertificate(b []byte) (*x509.Certificate, error)

Types ¶

type CA ¶

type CA struct {
	// contains filtered or unexported fields
}

func NewCA ¶

func NewCA(s Store) (*CA, error)

func (*CA) CertPool ¶

func (c *CA) CertPool() *x509.CertPool

type FSStore ¶

type FSStore struct {
	// contains filtered or unexported fields
}

func NewFSStore ¶

func NewFSStore(basedir string) *FSStore

func (*FSStore) Keypair ¶

func (s *FSStore) Keypair(name string) MutableKeypair

func (*FSStore) LoadCA ¶

func (s *FSStore) LoadCA(name string) (*CA, error)

func (*FSStore) WriteCABundle ¶

func (s *FSStore) WriteCABundle(ca *CA) error

type InMemoryMutableKeypair ¶

type InMemoryMutableKeypair struct {
	Keypair *Keypair
}

func (*InMemoryMutableKeypair) MutateKeypair ¶

func (s *InMemoryMutableKeypair) MutateKeypair(mutator func(keypair *Keypair) error) (*Keypair, error)

type InMemoryStore ¶

type InMemoryStore struct {
	// contains filtered or unexported fields
}

func NewInMemoryStore ¶

func NewInMemoryStore() *InMemoryStore

func (*InMemoryStore) Keypair ¶

func (s *InMemoryStore) Keypair(name string) MutableKeypair

type Keypair ¶

type Keypair struct {
	Certificate *x509.Certificate
	PrivateKey  *rsa.PrivateKey
}

type Keypairs ¶

type Keypairs struct {
	// contains filtered or unexported fields
}

Keypairs manages a set of keypairs, providing utilities for fetching / creating them

func NewKeypairs ¶

func NewKeypairs(store Store, ca *CA) *Keypairs

func (*Keypairs) CA ¶

func (k *Keypairs) CA() *CA

func (*Keypairs) EnsureKeypair ¶

func (k *Keypairs) EnsureKeypair(name string, config certutil.Config) (*Keypair, error)

type MutableKeypair ¶

type MutableKeypair interface {
	MutateKeypair(mutator func(keypair *Keypair) error) (*Keypair, error)
}

type MutableKeypairFromFile ¶

type MutableKeypairFromFile struct {
	PrivateKeyPath  string
	CertificatePath string
}

func (*MutableKeypairFromFile) MutateKeypair ¶

func (s *MutableKeypairFromFile) MutateKeypair(mutator func(keypair *Keypair) error) (*Keypair, error)

type Store ¶

type Store interface {
	Keypair(name string) MutableKeypair
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL