pki

package
v0.1.8 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 22, 2023 License: ISC Imports: 21 Imported by: 0

Documentation

Index

Constants

// Certificate kinds handled by this package. Numbering starts at 1, so the
// zero value of an int does not name any kind.
const (
	// CertTypeRoot identifies a root certificate authority.
	CertTypeRoot = iota + 1
	// CertTypeInterm identifies an intermediate certificate authority.
	CertTypeInterm
	// CertTypeServer identifies a server certificate.
	CertTypeServer
	// CertTypeClient identifies a client certificate.
	CertTypeClient
)
// Directory names used inside a workspace, one per certificate kind plus one
// for signing requests.
//
// NOTE(review): Cert.KeyPath presumably resolves under these directories; if
// so they hold private keys and should be created with owner-only
// permissions. Confirm in NewWorkspace.
const (
	// DirRoot is the directory name for the root certificate authority.
	DirRoot = "root"
	// DirInterm is the directory name for intermediate certificate authorities.
	DirInterm = "intermediate"
	// DirServer is the directory name for server certificates.
	DirServer = "server"
	// DirClient is the directory name for client certificates.
	DirClient = "client"
	// DirCSR is the directory name for certificate signing requests.
	DirCSR = "csr"
)

// File names of the two workspace documents.
const (
	// FileState is the file name of the YAML state document.
	FileState = "state.yaml"
	// FileSpec is the file name of the TOML spec document.
	FileSpec = "spec.toml"
)

Variables

This section is empty.

Functions

func CleanupWorkspace

func CleanupWorkspace() error

CleanupWorkspace removes all directories and files in a workspace

func LoadWorkspace

func LoadWorkspace() (*State, *Spec, error)

LoadWorkspace loads an existing workspace

func NewWorkspace

func NewWorkspace(state *State, spec *Spec) error

NewWorkspace creates a new workspace in current directory

func SaveSpec

func SaveSpec(spec *Spec, file string) error

SaveSpec writes spec to a TOML file

func SaveState

func SaveState(state *State, file string) error

SaveState writes state to a YAML file

func SaveWorkspace

func SaveWorkspace(state *State, spec *Spec) error

SaveWorkspace saves changes to an existing workspace

Types

type Cert added in v0.1.2

// Cert identifies one certificate by kind and name.
type Cert struct {
	// Type is the certificate kind.
	// NOTE(review): presumably one of the CertType* constants — confirm.
	Type int
	// Name is the certificate's name.
	// NOTE(review): if Name is used to build the paths returned by CertPath,
	// KeyPath, CSRPath and ChainPath, callers should reject path separators
	// and ".." before passing user-supplied names — confirm in those methods.
	Name string
}

Cert represents the type for a certificate

func (Cert) CSRPath added in v0.1.2

func (c Cert) CSRPath() string

CSRPath returns path to csr file

func (Cert) CertPath added in v0.1.2

func (c Cert) CertPath() string

CertPath returns path to cert file

func (Cert) ChainPath added in v0.1.2

func (c Cert) ChainPath() string

ChainPath returns path to cert chain file

func (Cert) KeyPath added in v0.1.2

func (c Cert) KeyPath() string

KeyPath returns path to key file

func (Cert) Title added in v0.1.2

func (c Cert) Title() string

Title returns a descriptive title

type Claim

// Claim carries the identity fields requested for a certificate.
// Every field except CommonName is mapped to a TOML key.
// NOTE(review): DNSName, IPAddress and EmailAddress presumably populate the
// certificate's subject alternative names — confirm in the manager.
type Claim struct {
	// CommonName is tagged toml:"-", so it is not taken from the spec file.
	CommonName         string   `toml:"-"`
	Country            []string `toml:"country"`
	Province           []string `toml:"province"`
	Locality           []string `toml:"locality"`
	Organization       []string `toml:"organization"`
	OrganizationalUnit []string `toml:"organizational_unit"`
	DNSName            []string `toml:"dns_name"`
	IPAddress          []net.IP `toml:"ip_address"`
	EmailAddress       []string `toml:"email_address"`
	StreetAddress      []string `toml:"street_address"`
	PostalCode         []string `toml:"postal_code"`
}

Claim represents the subtype for an identity claim

func (Claim) Clone

func (c Claim) Clone() Claim

Clone returns a deep copy of the claim

type Config

// Config holds the per-certificate settings kept in the workspace state.
type Config struct {
	// Serial is persisted under the "serial" key.
	// NOTE(review): presumably the certificate serial number or a counter
	// for it — confirm.
	Serial   int64  `yaml:"serial"`
	// Length is persisted under the "length" key.
	// NOTE(review): presumably the key length in bits; this page shows no
	// lower bound being enforced — confirm.
	Length   int    `yaml:"length"`
	// Days is persisted under the "days" key.
	// NOTE(review): presumably the validity period in days — confirm.
	Days     int    `yaml:"days"`
	// Password is tagged yaml:"-", the conventional "skip this field" tag
	// for Go YAML encoders, so it should never reach the state file.
	// NOTE(review): the secret:"required,6" tag looks like "mandatory,
	// minimum 6 characters"; confirm against the tag's consumer, and
	// consider whether that minimum is adequate for protecting a CA key.
	Password string `yaml:"-" secret:"required,6"`
}

Config represents the subtype for configurations

type Manager

// Manager is the set of certificate operations the package exposes.
// Parameters are unnamed in the interface, so their roles below are inferred
// from their types only.
type Manager interface {
	// GenCert generates a certificate from a Config, a Claim and a Cert.
	GenCert(Config, Claim, Cert) error
	// GenCSR generates a certificate signing request from the same inputs.
	GenCSR(Config, Claim, Cert) error
	// SignCSR takes two Config/Cert pairs and a TrustFunc.
	// NOTE(review): presumably one pair is the signing CA and the other the
	// subject, with TrustFunc gating the signature — confirm the order, and
	// confirm that a nil TrustFunc is rejected rather than treated as
	// "allow everything".
	SignCSR(Config, Cert, Config, Cert, TrustFunc) error
	// VerifyCert checks one Cert against another.
	// NOTE(review): the meaning of the string argument is not visible on
	// this page — confirm.
	VerifyCert(Cert, Cert, string) error
}

Manager provides methods for managing certificates

func NewX509Manager

func NewX509Manager() Manager

NewX509Manager creates a new X509Manager

type Metadata

// Metadata maps a string key to a list of string values.
type Metadata map[string][]string

Metadata represents the subtype for metadata

type Policy

// Policy lists the field names a certificate authority applies when deciding
// whether to sign a request (see PolicyTrustFunc).
// NOTE(review): the names resemble the "match"/"supplied" policy of OpenSSL's
// ca command (field must equal the CA's value / field must be present);
// confirm that PolicyTrustFunc implements those semantics.
type Policy struct {
	// Match is read from the "match" TOML key.
	Match    []string `toml:"match"`
	// Supplied is read from the "supplied" TOML key; the default tag names
	// CommonName.
	Supplied []string `toml:"supplied" default:"CommonName"`
}

Policy represents the subtype for a policy

type Spec

// Spec is the TOML-backed description of a workspace: one Claim per
// certificate kind, a Policy for each of the two authority kinds, and
// free-form Metadata.
type Spec struct {
	Root         Claim    `toml:"root"`
	Interm       Claim    `toml:"intermediate"`
	Server       Claim    `toml:"server"`
	Client       Claim    `toml:"client"`
	// RootPolicy and IntermPolicy are the policies for the root and
	// intermediate authorities; server and client kinds have none.
	RootPolicy   Policy   `toml:"root_policy"`
	IntermPolicy Policy   `toml:"intermediate_policy"`
	Metadata     Metadata `toml:"metadata"`
}

Spec represents the type for specs

func LoadSpec

func LoadSpec(file string) (*Spec, error)

LoadSpec reads and parses spec from a TOML file

func NewSpec

func NewSpec() *Spec

NewSpec creates a new spec

func (*Spec) ClaimFor

func (s *Spec) ClaimFor(certType int) (Claim, bool)

ClaimFor returns claim for a certificate type

func (*Spec) PolicyFor

func (s *Spec) PolicyFor(certType int) (Policy, bool)

PolicyFor returns policy for a certificate type

type State

// State is the YAML-backed record of a workspace: one Config per certificate
// kind. Config.Password is tagged yaml:"-", so passwords are not expected to
// appear in the state file.
type State struct {
	Root   Config `yaml:"root"`
	Interm Config `yaml:"intermediate"`
	Server Config `yaml:"server"`
	Client Config `yaml:"client"`
}

State represents the type for state

func LoadState

func LoadState(file string) (*State, error)

LoadState reads and parses state from a YAML file

func NewState

func NewState() *State

NewState creates a new state

func (*State) ConfigFor

func (s *State) ConfigFor(certType int) (Config, bool)

ConfigFor returns config for a certificate type

type TrustFunc

// TrustFunc reports whether a certificate authority may sign a certificate
// signing request. It receives the parsed certificate and the parsed request
// and returns true to allow the signature.
// NOTE(review): an implementation that always returns true disables the
// policy check; confirm that callers of Manager.SignCSR cannot pass one by
// accident.
type TrustFunc func(*x509.Certificate, *x509.CertificateRequest) bool

TrustFunc is the function for determining whether a CA can sign a CSR

func PolicyTrustFunc

func PolicyTrustFunc(policy Policy) TrustFunc

PolicyTrustFunc returns a TrustFunc using Policy
