fakeca

package
v0.0.0-...-ba00e93 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 27, 2024 License: MIT, MIT Imports: 14 Imported by: 0

README

fakeca PkgGoDev

This is a package for creating fake certificate authorities for test fixtures.

Example

package main

import (
	"crypto/x509/pkix"

	"github.com/github/smimesign/fakeca"
)

func main() {
	// Change defaults for cert subjects.
	fakeca.DefaultProvince = []string{"CO"}
	fakeca.DefaultLocality = []string{"Denver"}

	// Create a root CA.
	root := fakeca.New(fakeca.IsCA, fakeca.Subject(pkix.Name{
		CommonName: "root.myorg.com",
	}))

	// Create an intermediate CA under the root.
	intermediate := root.Issue(fakeca.IsCA, fakeca.Subject(pkix.Name{
		CommonName: "intermediate.myorg.com",
	}))

	// Create a leaf certificate under the intermediate.
	leaf := intermediate.Issue(fakeca.Subject(pkix.Name{
		CommonName: "leaf.myorg.com",
	}))

	// Get PFX (PKCS12) blob containing certificate and encrypted private key.
	leafPFX := leaf.PFX("pa55w0rd")

	// Get an *x509.CertPool containing certificate chain from CA to leaf for use
	// with Go's TLS libraries.
	leafPool := leaf.ChainPool()
}

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	// DefaultCountry is the default subject Country.
	DefaultCountry = []string{"US"}

	// DefaultProvince is the default subject Province.
	DefaultProvince = []string{"CA"}

	// DefaultLocality is the default subject Locality.
	DefaultLocality = []string{"San Francisco"}

	// DefaultStreetAddress is the default subject StreetAddress.
	DefaultStreetAddress = []string(nil)

	// DefaultPostalCode is the default subject PostalCode.
	DefaultPostalCode = []string(nil)

	// DefaultCommonName is the default subject CommonName.
	DefaultCommonName = "fakeca"
)

Functions

This section is empty.

Types

type Identity

type Identity struct {
	Issuer      *Identity
	PrivateKey  crypto.Signer
	Certificate *x509.Certificate
	NextSN      int64
}

Identity is a certificate and private key.

func New

func New(opts ...Option) *Identity

New creates a new CA.

func (*Identity) Chain

func (id *Identity) Chain() []*x509.Certificate

Chain builds a slice of *x509.Certificate from this CA and its issuers.

func (*Identity) ChainPool

func (id *Identity) ChainPool() *x509.CertPool

ChainPool builds an *x509.CertPool from this CA and its issuers.

func (*Identity) IncrementSN

func (id *Identity) IncrementSN() int64

IncrementSN returns the next serial number.

func (*Identity) Issue

func (id *Identity) Issue(opts ...Option) *Identity

Issue issues a new Identity with this one as its parent.

func (*Identity) PFX

func (id *Identity) PFX(password string) []byte

PFX wraps the certificate and private key in an encrypted PKCS#12 packet. The provided password must be alphanumeric.

type Option

type Option option

Option is an option that can be passed to New().

var IsCA Option = func(c *configuration) {
	c.isCA = true
}

IsCA is an Option for making an identity a certificate authority.

func Issuer

func Issuer(value *Identity) Option

Issuer is an Option for setting the identity's issuer.

func IssuingCertificateURL

func IssuingCertificateURL(value ...string) Option

IssuingCertificateURL is an Option for setting the identity's certificate's IssuingCertificateURL.

func KeyUsage

func KeyUsage(ku x509.KeyUsage) Option

KeyUsage is an Option for setting the identity's certificate's KeyUsage.

func NextSerialNumber

func NextSerialNumber(value int64) Option

NextSerialNumber is an Option that determines the SN of the next issued certificate.

func NotAfter

func NotAfter(value time.Time) Option

NotAfter is an Option for setting the identity's certificate's NotAfter.

func NotBefore

func NotBefore(value time.Time) Option

NotBefore is an Option for setting the identity's certificate's NotBefore.

func OCSPServer

func OCSPServer(value ...string) Option

OCSPServer is an Option for setting the identity's certificate's OCSPServer.

func PrivateKey

func PrivateKey(value crypto.Signer) Option

PrivateKey is an Option for setting the identity's private key.

func Subject

func Subject(value pkix.Name) Option

Subject is an Option that sets a identity's subject field.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL