Documentation ¶
Overview ¶
Package trustme offers you fake certificate authority (CA) that issues TLS certificates for Go tests.
Example ¶
ca := trustme.New(&testing.T{}) srvCfg := ca.MustIssue(trustme.WithIP(net.ParseIP("127.0.0.1"))).AsServerConfig() srvCfg.ClientAuth = tls.RequireAndVerifyClientCert listener, _ := tls.Listen("tcp", "127.0.0.1:0", srvCfg) defer listener.Close() srv := http.Server{ Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if len(r.TLS.PeerCertificates) == 0 { http.Error(w, "Requires mTLS", http.StatusUnauthorized) } }), } defer srv.Close() go srv.Serve(listener) client := &http.Client{ Transport: &http.Transport{ TLSClientConfig: ca.MustIssue().AsClientConfig(), }, Timeout: time.Second * 5, } client.Get(fmt.Sprintf("https://%s/", listener.Addr().String())) // ...
Output:
Index ¶
- type Authority
- type AuthorityOption
- type IssueOption
- type KeyPair
- func (kp *KeyPair) AsClientConfig() *tls.Config
- func (kp *KeyPair) AsServerConfig() *tls.Config
- func (kp *KeyPair) AsX509KeyPair() tls.Certificate
- func (kp *KeyPair) Certificate() *x509.Certificate
- func (kp *KeyPair) CertificatePEM() []byte
- func (kp *KeyPair) Key() *rsa.PrivateKey
- func (kp *KeyPair) KeyPEM() []byte
- type Option
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Authority ¶
type Authority struct {
// contains filtered or unexported fields
}
Authority is a fake certification authority for issuing TLS certificates for tests. It provides the "errorless" interface where the test fails when the operation would return error.
func New ¶
func New(t *testing.T, options ...AuthorityOption) *Authority
New returns new instance of th CA and fails the test when creation fails.
func (*Authority) Certificate ¶
func (a *Authority) Certificate() *x509.Certificate
Certificate returns public certificate of underlying fake CA.
func (*Authority) Key ¶
func (a *Authority) Key() *rsa.PrivateKey
Key returns private key of underlying fake CA.
func (*Authority) MustIssue ¶
func (a *Authority) MustIssue(options ...IssueOption) *KeyPair
MustIssue issues new certificate signed by the CA. Fails the test
type AuthorityOption ¶
type AuthorityOption interface {
// contains filtered or unexported methods
}
AuthorityOption configures the Authority.
func WithOrganization ¶
func WithOrganization(organization string) AuthorityOption
WithOrganization configures the CA's organization.
type IssueOption ¶
type IssueOption interface {
// contains filtered or unexported methods
}
IssueOption configures the issued KeyPair.
func WithDNS ¶
func WithDNS(name string) IssueOption
WithDNS configures DNS names SANs of the issued certificate. Can be used multiple times.
func WithEmail ¶
func WithEmail(email string) IssueOption
WithEmail configures e-mail adresses SANs of the issued certificate. Can be used multiple times.
func WithIP ¶
func WithIP(ipAddress net.IP) IssueOption
WithIP configures DNS names SANs of the issued certificate. Can be used multiple times.
func WithURI ¶
func WithURI(uri *url.URL) IssueOption
WithURI configures URIs SANs of the issued certificate. Can be used multiple times.
type KeyPair ¶
type KeyPair struct {
// contains filtered or unexported fields
}
KeyPair represents server or client certificate.
func (*KeyPair) AsClientConfig ¶
AsClientConfig returns tls.Config for the client KeyPair's public certificate and private prefilled.
func (*KeyPair) AsServerConfig ¶
AsServerConfig returns tls.Config for the server KeyPair's public certificate and private prefilled.
func (*KeyPair) AsX509KeyPair ¶
func (kp *KeyPair) AsX509KeyPair() tls.Certificate
AsX509KeyPair returns content KeyPair as tls.Certificate.
func (*KeyPair) Certificate ¶
func (kp *KeyPair) Certificate() *x509.Certificate
Certificate returns public certificate of the KeyPair.
func (*KeyPair) CertificatePEM ¶
CertificatePEM returns PEM encoded KeyPair's certificate.
func (*KeyPair) Key ¶
func (kp *KeyPair) Key() *rsa.PrivateKey
Key returns private key of the KeyPair.
type Option ¶
type Option interface { AuthorityOption IssueOption }
Option configures the Authority and the issued KeyPair.
func WithCommonName ¶
WithCommonName configures common name of the issued certificate.
func WithRSABits ¶
WithRSABits configures the length of RSA private key of the CA's and issued certificate.