keygen

package

v0.0.0-...-6b52b4a Latest Latest Go to latest Published: Apr 9, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/flowshield/flowshield

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func GenCSR(key []byte, options CertOptions) ([]byte, error)
func GenCustomExtendCSR(pemKey []byte, id *spiffe.IDGIdentity, opts *CertOptions, ...) ([]byte, error)
func GenExtendWorkloadCSR(key []byte, id *spiffe.IDGIdentity, csrConf CSRConf) ([]byte, error)
func GenKey(sigAlg SupportedSignatureAlgorithms) (priv interface{}, key []byte, err error)
func GenWorkloadCSR(key []byte, id *spiffe.IDGIdentity) ([]byte, error)
type CSRConf
type CertOptions
type KeySize
type SupportedSignatureAlgorithms

Constants ¶

View Source

const (
	EcdsaSigAlg SupportedSignatureAlgorithms = "ECDSA"
	RsaSigAlg   SupportedSignatureAlgorithms = "RSA"

	RsaKeySize2048  KeySize = 2048
	EcdsaKeySize256 KeySize = 256
)

Variables ¶

This section is empty.

Functions ¶

func GenCSR ¶

func GenCSR(key []byte, options CertOptions) ([]byte, error)

Generate CSR through key Support custom CSR requests

func GenCustomExtendCSR ¶

func GenCustomExtendCSR(pemKey []byte, id *spiffe.IDGIdentity, opts *CertOptions, exts []pkix.Extension) ([]byte, error)

GenCustomExtendCSR Generate business custom CSR with extended fields

func GenExtendWorkloadCSR ¶

func GenExtendWorkloadCSR(key []byte, id *spiffe.IDGIdentity, csrConf CSRConf) ([]byte, error)

GenExtendWorkloadCSR Support custom CSR parameters

func GenKey ¶

func GenKey(sigAlg SupportedSignatureAlgorithms) (priv interface{}, key []byte, err error)

Generate Private Key

func GenWorkloadCSR ¶

func GenWorkloadCSR(key []byte, id *spiffe.IDGIdentity) ([]byte, error)

Types ¶

type CSRConf ¶

type CSRConf struct {
	SNIHostnames []string
	IPAddresses  []string
}

CSRConf custom csr config

type CertOptions ¶

type CertOptions struct {
	CN string

	// Comma-separated hostnames and IPs to generate a certificate for.
	// This can also be set to the identity running the workload,
	// like kubernetes service account.
	Host string

	// The NotBefore field of the issued certificate.
	NotBefore time.Time

	// TTL of the certificate. NotAfter - NotBefore.
	TTL time.Duration

	// Signer certificate.
	SignerCert *x509.Certificate

	// Signer private key.
	SignerPriv crypto.PrivateKey

	// Signer private key (PEM encoded).
	SignerPrivPem []byte

	// Organization for this certificate.
	Org string

	// Whether this certificate is used as signing cert for CA.
	IsCA bool

	// The type of Elliptical Signature algorithm to use
	// when generating private keys. Currently only ECDSA is supported.
	// If empty, RSA is used, otherwise ECC is used.
	SigAlg SupportedSignatureAlgorithms
}

type KeySize ¶

type KeySize int

type SupportedSignatureAlgorithms ¶

type SupportedSignatureAlgorithms string

Source Files ¶

View all Source files

genkey.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL