Documentation ¶
Index ¶
- Constants
- func EnsureKey(keyFile string) (crypto.PublicKey, crypto.PrivateKey, bool, error)
- func HashPublicKey(key crypto.PublicKey) ([]byte, error)
- func LoadKey(keyFile string) (crypto.PrivateKey, error)
- func MakeCSR(privateKey crypto.Signer, subjectName string) ([]byte, error)
- func NewKeyPair() (crypto.PublicKey, crypto.PrivateKey, error)
- func NewKeyPairWithHash() (crypto.PublicKey, crypto.PrivateKey, []byte, error)
- func PEMEncodeKey(key crypto.PrivateKey) ([]byte, error)
- func ParseCSR(csrPEM []byte) (*x509.CertificateRequest, error)
- func ParseKeyPEM(pemKey []byte) (crypto.PrivateKey, error)
- func TLSConfigForClient(caConfig, clientConfig *TLSCertificateConfig) (*tls.Config, error)
- func TLSConfigForServer(caConfig, serverConfig *TLSCertificateConfig) (*tls.Config, error)
- func WriteKey(keyPath string, key crypto.PrivateKey) error
- type CA
- func (ca *CA) EnsureClientCertificate(certFile, keyFile string, subjectName string, expireDays int) (*TLSCertificateConfig, bool, error)
- func (ca *CA) EnsureServerCertificate(certFile, keyFile string, hostnames []string, expireDays int) (*TLSCertificateConfig, bool, error)
- func (ca *CA) IssueRequestedClientCertificate(csr *x509.CertificateRequest, expiryDays int) ([]byte, error)
- func (ca *CA) MakeAndWriteServerCert(certFile, keyFile string, hostnames []string, expireDays int) (*TLSCertificateConfig, error)
- func (ca *CA) MakeClientCertificate(certFile, keyFile string, subject string, expiryDays int) (*TLSCertificateConfig, error)
- func (ca *CA) MakeServerCert(hostnames []string, expiryDays int, fns ...CertificateExtensionFunc) (*TLSCertificateConfig, error)
- type CertificateExtensionFunc
- type TLSCertificateConfig
Constants ¶
View Source
const AdminCommonName = "flightctl-admin"
View Source
const ClientBootstrapCommonName = "client-enrollment"
Wraps openshift/library-go/pkg/crypto to use ECDSA and simplify the interface
Variables ¶
This section is empty.
Functions ¶
func NewKeyPair ¶
func NewKeyPair() (crypto.PublicKey, crypto.PrivateKey, error)
func NewKeyPairWithHash ¶
func PEMEncodeKey ¶
func PEMEncodeKey(key crypto.PrivateKey) ([]byte, error)
func ParseKeyPEM ¶
func ParseKeyPEM(pemKey []byte) (crypto.PrivateKey, error)
func TLSConfigForClient ¶
func TLSConfigForClient(caConfig, clientConfig *TLSCertificateConfig) (*tls.Config, error)
func TLSConfigForServer ¶
func TLSConfigForServer(caConfig, serverConfig *TLSCertificateConfig) (*tls.Config, error)
Types ¶
type CA ¶
type CA struct { Config *TLSCertificateConfig SerialGenerator oscrypto.SerialGenerator }
func MakeSelfSignedCA ¶
func (*CA) EnsureClientCertificate ¶
func (*CA) EnsureServerCertificate ¶
func (*CA) IssueRequestedClientCertificate ¶
func (*CA) MakeAndWriteServerCert ¶
func (*CA) MakeClientCertificate ¶
func (*CA) MakeServerCert ¶
func (ca *CA) MakeServerCert(hostnames []string, expiryDays int, fns ...CertificateExtensionFunc) (*TLSCertificateConfig, error)
type CertificateExtensionFunc ¶
type CertificateExtensionFunc func(*x509.Certificate) error
type TLSCertificateConfig ¶
type TLSCertificateConfig oscrypto.TLSCertificateConfig
func GetClientCertificate ¶
func GetClientCertificate(certFile, keyFile string, subjectName string) (*TLSCertificateConfig, error)
func GetServerCert ¶
func GetServerCert(certFile, keyFile string, hostnames []string) (*TLSCertificateConfig, error)
func GetTLSCertificateConfig ¶
func GetTLSCertificateConfig(certFile, keyFile string) (*TLSCertificateConfig, error)
func (*TLSCertificateConfig) GetPEMBytes ¶
func (c *TLSCertificateConfig) GetPEMBytes() ([]byte, []byte, error)
func (*TLSCertificateConfig) WriteCertConfigFile ¶
func (c *TLSCertificateConfig) WriteCertConfigFile(certFile, keyFile string) error
Click to show internal directories.
Click to hide internal directories.