cert

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 29, 2023 License: Apache-2.0 Imports: 15 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	DefaultCountry      = "CN"
	DefaultOrganization = "fabedge.io"
	DefaultCAName       = "Fabedge CA"
)

Variables

View Source 
var (
	ExtKeyUsagesServerAndClient = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}
	ExtKeyUsagesServerOnly      = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	ExtKeyUsagesClientOnly      = []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}
)

Functions

func DecodePEM 

func DecodePEM(data []byte) ([]byte, error)

func EncodeCertPEM 

func EncodeCertPEM(certDER []byte) []byte

func EncodeCertRequestPEM 

func EncodeCertRequestPEM(crs []byte) []byte

func EncodePrivateKeyPEM 

func EncodePrivateKeyPEM(privateKeyDER []byte) []byte

func NewCertFromCA 

func NewCertFromCA(caCert *x509.Certificate, caKey *rsa.PrivateKey, cfg Config) ([]byte, []byte, error)

NewCertFromCA creates certificate and key from specified CA cert/key pair

func NewCertFromCA2 

func NewCertFromCA2(ca, caKey []byte, cfg Config) ([]byte, []byte, error)

NewCertFromCA2 creates certificate and key from specified CA cert/key pair

func NewCertRequest 

func NewCertRequest(req Request) ([]byte, []byte, error)

func NewSelfSignedCA 

func NewSelfSignedCA(cfg Config) ([]byte, []byte, error)

NewSelfSignedCA create a CA cert/key pair

func ReadPEMFileAndDecode 

func ReadPEMFileAndDecode(filename string) ([]byte, error)

func SaveCertKeyToFile 

func SaveCertKeyToFile(certDER []byte, keyDER []byte, certPath, keyPath string) error

func SaveCertToFile 

func SaveCertToFile(certDER []byte, certPath string) error

func SaveFile 

func SaveFile(content []byte, filename string) error

func SavePrivateKeyToFile 

func SavePrivateKeyToFile(keyDER []byte, keyPath string) error

func VerifyCert 

func VerifyCert(caDER, certDER []byte, usages []x509.ExtKeyUsage) error

VerifyCert verifies the certificate by CA certificate

Types

type Config 

type Config struct {
	CommonName   string
	Organization []string
	Usages       []x509.ExtKeyUsage

	DNSNames []string
	IPs      []net.IP

	ValidityPeriod time.Duration
	IsCA           bool
}

type Manager 

type Manager interface {
	// NewCertKey Create a cert/key pair from CA with specified config
	NewCertKey(cfg Config) (certDER []byte, keyDER []byte, err error)
	SignCert(csr []byte) ([]byte, error)
	VerifyCert(cert *x509.Certificate, usages []x509.ExtKeyUsage) error
	VerifyCertInPEM(certPEM []byte, usages []x509.ExtKeyUsage) error
	GetCACert() *x509.Certificate
	GetCACertPEM() []byte
}

func NewManger 

func NewManger(caDER, caKeyDER []byte, validPeriod time.Duration) (Manager, error)

func NewRemoteManager 

func NewRemoteManager(caCertDER []byte, signCert SignCertFunc) (Manager, error)

type Request 

type Request struct {
	CommonName   string
	Organization []string
	DNSNames     []string
	IPs          []net.IP
}

type SignCertFunc 

type SignCertFunc func(csr []byte) ([]byte, error)

SignCertFunc receive csr and return a cert bytes

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.