depot

package
v2.2.0 Latest

Warning: This package is not in the latest version of its module.
Published: Dec 1, 2023 License: MIT Imports: 10 Imported by: 10

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CACert added in v2.1.0

type CACert struct {
	// contains filtered or unexported fields
}

CACert represents a new self-signed CA certificate.

func NewCACert added in v2.1.0

func NewCACert(opts ...CACertOption) *CACert

NewCACert creates a new CACert object with the given options.

func (*CACert) SelfSign added in v2.1.0

func (c *CACert) SelfSign(rand io.Reader, pub crypto.PublicKey, priv interface{}) ([]byte, error)

SelfSign creates an x509 template based off our settings and self-signs it using priv.

type CACertOption added in v2.1.0

type CACertOption func(*CACert)

func WithCommonName added in v2.1.0

func WithCommonName(name string) CACertOption

WithCommonName specifies the CommonName on the CA template.

func WithCountry added in v2.1.0

func WithCountry(country string) CACertOption

WithCountry specifies the Country on the CA template.

func WithKeyUsage added in v2.1.0

func WithKeyUsage(usage x509.KeyUsage) CACertOption

WithKeyUsage specifies the X.509 Key Usage on the CA template.

func WithOrganization added in v2.1.0

func WithOrganization(o string) CACertOption

WithOrganization specifies the Organization on the CA template.

func WithOrganizationalUnit added in v2.1.0

func WithOrganizationalUnit(ou string) CACertOption

WithOrganizationalUnit specifies the OrganizationalUnit on the CA template.

func WithYears added in v2.1.0

func WithYears(y int) CACertOption

WithYears specifies the validity period of the CA in years.

type Depot

type Depot interface {
	CA(pass []byte) ([]*x509.Certificate, *rsa.PrivateKey, error)
	Put(name string, crt *x509.Certificate) error
	Serial() (*big.Int, error)
	HasCN(cn string, allowTime int, cert *x509.Certificate, revokeOldCertificate bool) (bool, error)
}

Depot is a repository for managing certificates.

type Option

type Option func(*Signer)

Option customizes a Signer.

func WithAllowRenewalDays

func WithAllowRenewalDays(r int) Option

WithAllowRenewalDays sets the allowable renewal time for existing certs.

func WithCAPass

func WithCAPass(pass string) Option

WithCAPass specifies the password to use with an encrypted CA key.

func WithSeverAttrs added in v2.2.0

func WithSeverAttrs() Option

func WithSignatureAlgorithm added in v2.2.0

func WithSignatureAlgorithm(a x509.SignatureAlgorithm) Option

WithSignatureAlgorithm sets the signature algorithm used to sign certificates. When set to a non-zero value, it takes precedence over the default behaviour of matching the signing algorithm from the x509 CSR.

func WithValidityDays

func WithValidityDays(v int) Option

WithValidityDays sets the validity period new certs will use.

type Signer

type Signer struct {
	// contains filtered or unexported fields
}

Signer signs x509 certificates and stores them in a Depot.

func NewSigner

func NewSigner(depot Depot, opts ...Option) *Signer

NewSigner creates a new Signer.

func (*Signer) SignCSR

func (s *Signer) SignCSR(m *scep.CSRReqMessage) (*x509.Certificate, error)

SignCSR signs a certificate using Signer's Depot CA.
