pki

package

v0.0.0-...-0902aac Latest Latest Go to latest Published: Dec 21, 2020 License: Apache-2.0 Imports: 21 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/empathybroker/aws-vpn

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func CACert(cert *x509.Certificate)
func ClientCert(cert *x509.Certificate)
func CreateCertificate(parent *x509.Certificate, privKey crypto.PrivateKey, pubKey crypto.PublicKey, ...) (*x509.Certificate, error)
func DecodeSerial(serial string) ([]byte, error)
func EncodeDERPrivateKey(key crypto.PrivateKey) ([]byte, error)
func EncodePEMCert(cert *x509.Certificate) []byte
func EncodePEMPrivateKey(key crypto.PrivateKey) ([]byte, error)
func GetPublicKey(key crypto.PrivateKey) crypto.PublicKey
func NewPrivateKey() (crypto.PrivateKey, error)
func ServerCert(cert *x509.Certificate)
type CAData
- func NewCAKey(caName string, serialNumber string, duration time.Duration) (CAData, error)
- func (k CAData) MarshalJSON() ([]byte, error)
- func (k CAData) Renew(caName string, serialNumber string, duration time.Duration) (CAData, error)
- func (k *CAData) UnmarshalJSON(data []byte) error
type CertOptions
- func WithDNS(dnsName ...string) CertOptions
- func WithDuration(duration time.Duration) CertOptions
- func WithEmail(email ...string) CertOptions
- func WithExpiration(notAfter time.Time) CertOptions
- func WithMaxPathLen(pathLen int) CertOptions
- func WithTimespan(notBefore time.Time, notAfter time.Time) CertOptions
type CertSerial
type CertType
- func GetCertType(cert *x509.Certificate) CertType
type CertificateInfo
- func CertInfoFromX509Cert(cert *x509.Certificate) *CertificateInfo
type PKI
- func NewPKI(s PKIStorage) *PKI
- func (pki *PKI) CreateCertificate(ctx context.Context, pubKey crypto.PublicKey, subject pkix.Name, ...) (*CertificateInfo, error)
- func (pki *PKI) GetCACert(ctx context.Context) *x509.Certificate
- func (pki *PKI) GetCertBySerial(ctx context.Context, serial []byte) (*CertificateInfo, error)
- func (pki *PKI) GetCrossCert(ctx context.Context) *x509.Certificate
- func (pki *PKI) GetPrevCACert(ctx context.Context) *x509.Certificate
- func (pki *PKI) GetStaticKey(ctx context.Context) StaticKey
- func (pki *PKI) ListCerts(ctx context.Context, subject string) ([]*CertificateInfo, error)
- func (pki *PKI) RevokeCert(ctx context.Context, serial []byte) (*CertificateInfo, error)
type PKIStorage
type StaticKey
- func NewStaticKey() StaticKey
- func (k StaticKey) String() string

Constants ¶

View Source

const (
	CertTypeUnknown CertType = "UNKNOWN"
	CertTypeServer           = "Server"
	CertTypeClient           = "Client"
	CertTypeCA               = "CA"
)

Variables ¶

This section is empty.

Functions ¶

func CACert ¶

func CACert(cert *x509.Certificate)

func ClientCert ¶

func ClientCert(cert *x509.Certificate)

func CreateCertificate ¶

func CreateCertificate(parent *x509.Certificate, privKey crypto.PrivateKey, pubKey crypto.PublicKey, subject pkix.Name, certOpts ...CertOptions) (*x509.Certificate, error)

func DecodeSerial ¶

func DecodeSerial(serial string) ([]byte, error)

func EncodeDERPrivateKey ¶

func EncodeDERPrivateKey(key crypto.PrivateKey) ([]byte, error)

func EncodePEMCert ¶

func EncodePEMCert(cert *x509.Certificate) []byte

func EncodePEMPrivateKey ¶

func EncodePEMPrivateKey(key crypto.PrivateKey) ([]byte, error)

func GetPublicKey ¶

func GetPublicKey(key crypto.PrivateKey) crypto.PublicKey

func NewPrivateKey ¶

func NewPrivateKey() (crypto.PrivateKey, error)

func ServerCert ¶

func ServerCert(cert *x509.Certificate)

Types ¶

type CAData ¶

type CAData struct {
	PrivateKey crypto.PrivateKey
	PublicKey  crypto.PublicKey

	CACert     *x509.Certificate
	PrevCACert *x509.Certificate
	CrossCert  *x509.Certificate

	StaticKey StaticKey
}

func NewCAKey ¶

func NewCAKey(caName string, serialNumber string, duration time.Duration) (CAData, error)

func (CAData) MarshalJSON ¶

func (k CAData) MarshalJSON() ([]byte, error)

func (CAData) Renew ¶

func (k CAData) Renew(caName string, serialNumber string, duration time.Duration) (CAData, error)

func (*CAData) UnmarshalJSON ¶

func (k *CAData) UnmarshalJSON(data []byte) error

type CertOptions ¶

type CertOptions func(cert *x509.Certificate)

func WithDNS ¶

func WithDNS(dnsName ...string) CertOptions

func WithDuration ¶

func WithDuration(duration time.Duration) CertOptions

func WithEmail ¶

func WithEmail(email ...string) CertOptions

func WithExpiration ¶

func WithExpiration(notAfter time.Time) CertOptions

func WithMaxPathLen ¶

func WithMaxPathLen(pathLen int) CertOptions

func WithTimespan ¶

func WithTimespan(notBefore time.Time, notAfter time.Time) CertOptions

type CertSerial ¶

type CertSerial *big.Int

type CertType ¶

type CertType string

func GetCertType ¶

func GetCertType(cert *x509.Certificate) CertType

type CertificateInfo ¶

type CertificateInfo struct {
	Certificate *x509.Certificate `json:"-"`
	SerialBytes []byte            `json:"-"`

	CertType  CertType   `json:"type"`
	Serial    string     `json:"serial"`
	KeyId     string     `json:"keyId"`
	Subject   string     `json:"subject"`
	NotBefore time.Time  `json:"notBefore"`
	NotAfter  time.Time  `json:"notAfter"`
	Revoked   *time.Time `json:"revoked,omitempty"`
}

func CertInfoFromX509Cert ¶

func CertInfoFromX509Cert(cert *x509.Certificate) *CertificateInfo

type PKI ¶

type PKI struct {
	// contains filtered or unexported fields
}

func NewPKI ¶

func NewPKI(s PKIStorage) *PKI

func (*PKI) CreateCertificate ¶

func (pki *PKI) CreateCertificate(ctx context.Context, pubKey crypto.PublicKey, subject pkix.Name, certOpts ...CertOptions) (*CertificateInfo, error)

func (*PKI) GetCACert ¶

func (pki *PKI) GetCACert(ctx context.Context) *x509.Certificate

func (*PKI) GetCertBySerial ¶

func (pki *PKI) GetCertBySerial(ctx context.Context, serial []byte) (*CertificateInfo, error)

func (*PKI) GetCrossCert ¶

func (pki *PKI) GetCrossCert(ctx context.Context) *x509.Certificate

func (*PKI) GetPrevCACert ¶

func (pki *PKI) GetPrevCACert(ctx context.Context) *x509.Certificate

func (*PKI) GetStaticKey ¶

func (pki *PKI) GetStaticKey(ctx context.Context) StaticKey

func (*PKI) ListCerts ¶

func (pki *PKI) ListCerts(ctx context.Context, subject string) ([]*CertificateInfo, error)

func (*PKI) RevokeCert ¶

func (pki *PKI) RevokeCert(ctx context.Context, serial []byte) (*CertificateInfo, error)

type PKIStorage ¶

type PKIStorage interface {
	GetCACert(ctx context.Context) *x509.Certificate
	GetPrevCACert(ctx context.Context) *x509.Certificate
	GetCrossCert(ctx context.Context) *x509.Certificate
	GetPrivateKey(ctx context.Context) crypto.PrivateKey
	GetPublicKey(ctx context.Context) crypto.PublicKey
	GetStaticKey(ctx context.Context) StaticKey

	AddCert(ctx context.Context, cert *x509.Certificate) error
	ListAllCerts(ctx context.Context) ([]*CertificateInfo, error)
	ListCertsBySubject(context.Context, string) ([]*CertificateInfo, error)
	GetCertBySerial(context.Context, []byte) (*CertificateInfo, error)
	RevokeCert(context.Context, []byte) (*CertificateInfo, error)
}

type StaticKey ¶

type StaticKey []byte

func NewStaticKey ¶

func NewStaticKey() StaticKey

func (StaticKey) String ¶

func (k StaticKey) String() string

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
aws

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL