certs

package
v2.9.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 10, 2019 License: MPL-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func HexSHA256

func HexSHA256(cert []byte) string

func ParsePEM

func ParsePEM(data []byte, secret string) ([]*pem.Block, error)

func ParsePEMCertificate

func ParsePEMCertificate(data []byte, secret string) (*tls.Certificate, error)

Types

type CertificateManager

type CertificateManager struct {
	// contains filtered or unexported fields
}

func NewCertificateManager

func NewCertificateManager(storage StorageHandler, secret string, logger *logrus.Logger) *CertificateManager

func (*CertificateManager) Add

func (c *CertificateManager) Add(certData []byte, orgID string) (string, error)

func (*CertificateManager) CertPool

func (c *CertificateManager) CertPool(certIDs []string) *x509.CertPool

func (*CertificateManager) Delete

func (c *CertificateManager) Delete(certID string)

func (*CertificateManager) FlushCache

func (c *CertificateManager) FlushCache()

func (*CertificateManager) GetRaw

func (c *CertificateManager) GetRaw(certID string) (string, error)

func (*CertificateManager) List

func (c *CertificateManager) List(certIDs []string, mode CertificateType) (out []*tls.Certificate)

func (*CertificateManager) ListAllIds

func (c *CertificateManager) ListAllIds(prefix string) (out []string)

func (*CertificateManager) ListPublicKeys

func (c *CertificateManager) ListPublicKeys(keyIDs []string) (out []string)

Returns list of fingerprints

func (*CertificateManager) ValidateRequestCertificate

func (c *CertificateManager) ValidateRequestCertificate(certIDs []string, r *http.Request) error

type CertificateMeta

type CertificateMeta struct {
	ID            string    `json:"id"`
	Fingerprint   string    `json:"fingerprint"`
	HasPrivateKey bool      `json:"has_private"`
	Issuer        pkix.Name `json:"issuer,omitempty"`
	Subject       pkix.Name `json:"subject,omitempty"`
	NotBefore     time.Time `json:"not_before,omitempty"`
	NotAfter      time.Time `json:"not_after,omitempty"`
	DNSNames      []string  `json:"dns_names,omitempty"`
}

func ExtractCertificateMeta

func ExtractCertificateMeta(cert *tls.Certificate, certID string) *CertificateMeta

type CertificateType

type CertificateType int
const (
	CertificatePrivate CertificateType = iota
	CertificatePublic
	CertificateAny
)

type StorageHandler

type StorageHandler interface {
	GetKey(string) (string, error)
	SetKey(string, string, int64) error
	GetKeys(string) []string
	DeleteKey(string) bool
	DeleteScanMatch(string) bool
}

StorageHandler is a standard interface to a storage backend, used by AuthorisationManager to read and write key values to the backend

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL