services

package
v1.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 11, 2023 License: Apache-2.0 Imports: 29 Imported by: 0

Documentation

Index

Constants

// Default values for CSR subject fields and for certificate validity.
const (
	// DEFAULT_CSR_COUNTRIY is the default CSR country.
	// NOTE(review): the X.509 countryName attribute is a two-letter ISO 3166
	// code; if this value ends up in the subject's C attribute, "China" may be
	// rejected by strict parsers. Confirm against the callers.
	DEFAULT_CSR_COUNTRIY = "China"
	// DEFAULT_CSR_LOCALITY is the default CSR locality.
	DEFAULT_CSR_LOCALITY = "Beijing"
	// DEFAULT_CSR_PROVINCE is the default CSR province.
	DEFAULT_CSR_PROVINCE = "Beijing"
	// DEFAULT_CERT_VALID_TIME is the default certificate validity period:
	// 24h * 365, i.e. 365 days.
	DEFAULT_CERT_VALID_TIME = time.Hour * 24 * 365 * 1
)
// Name strings for the GM (Chinese national standard) algorithms.
const (
	// SM3 is the name string of the GM SM3 hash algorithm.
	SM3 = "SM3"
	// SM2 is the name string of the GM SM2 public-key algorithm.
	SM2 = "SM2"
)
// NO_PKCS11_KEY_ID is the key ID string "nopkcs11".
// NOTE(review): presumably a sentinel meaning the key is not held in a PKCS#11
// device; confirm against the functions that take a keyId argument.
const NO_PKCS11_KEY_ID = "nopkcs11"
// TokenExpireSeconds is a token expiry interval in seconds (7200 s = 2 hours).
// NOTE(review): presumably the lifetime given to tokens issued by GenToken;
// confirm. A leaked token stays usable for that whole window unless some
// revocation mechanism exists elsewhere.
const TokenExpireSeconds int64 = 7200

Variables

This section is empty.

Functions

func CheckCert

func CheckCert(orgId string, userId string, userType db.UserType, certUsage db.CertUsage) error

Check if the certificate already exists

func CheckParameters

func CheckParameters(orgId, userId, userTypeStr, certUsageStr string) (userType db.UserType,
	certUsage db.CertUsage, err error)

Check orgId, userId, userType and certUsage, and determine whether to provide the certificate service

func CheckParametersEmpty

func CheckParametersEmpty(parameters ...string) error

Check whether the string parameters are empty

func CheckParametersUserType

func CheckParametersUserType(userTypeStr string) (db.UserType, error)

Check and convert userType (string) to db.UserType

func ConvertToCertContent

func ConvertToCertContent(certBytes []byte) (cert *x509.Certificate, certContent *db.CertContent, err error)

Convert certbyte to certcontent and X509 certificates

func ConvertToKeyPair

func ConvertToKeyPair(privateKeyBytes []byte) (keyPair *db.KeyPair, privateKey crypto.PrivateKey, err error)

Convert the password and privatekey bytes to keypair and privatekey

func CreateCertInfo

func CreateCertInfo(certContent *db.CertContent, privateKeyId string,
	conditions *CertConditions) (*db.CertInfo, error)

Create certinfo

func CreateDir

func CreateDir(dirPath string) error

CreateDir create dir

func CreateIntermediateCA

func CreateIntermediateCA() error

CreateIntermediateCA Create intermediate CA in the configuration file

func CreateKeyPair

func CreateKeyPair(privateKeyTypeStr, hashTypeStr, privateKeyPwd,
	keyId string) (privateKey crypto.PrivateKey, keyPair *db.KeyPair, err error)

CreateKeyPair create key pair

func CreateKeyPairNoEnc

func CreateKeyPairNoEnc(privateKeyTypeStr, hashTypeStr, keyId string) (privateKey crypto.PrivateKey,
	keyPair *db.KeyPair, err error)

CreateKeyPairNoEnc create key pair no encryption

func CreateRootCa

func CreateRootCa() error

Generate the root CA

func ExtKeyUsageToString

func ExtKeyUsageToString(extKeyUsage []x509.ExtKeyUsage) (string, error)

Convert extkeyusage to string

func GenCrl

func GenCrl(genCrlReq *GenCrlReq) ([]byte, error)

Get the latest crl

func GenCsr

func GenCsr(genCsrReq *GenCsrReq) ([]byte, error)

Generate csr

func GenDoubleIntermediateCA

func GenDoubleIntermediateCA(caConfig *utils.ImCaConfig) error

Generate intermediate CA if catype is double_root

func GenSingleIntermediateCA

func GenSingleIntermediateCA(caConfig *utils.ImCaConfig, caType utils.CaType) error

Generate intermediate CA if catype is single_root

func GenToken

func GenToken(appId string, appRole db.AccessRole) (string, error)

JWT generate token

func GenerateDoubleRootCa

func GenerateDoubleRootCa(rootCsrConf *utils.CsrConf) error

Generate double root CA

func GenerateRootCa

func GenerateRootCa(rootCaConf *utils.CaConfig) error

Generate root CA

func GenerateSingleRootCa

func GenerateSingleRootCa(rootCsrConf *utils.CsrConf, rootCertConf *utils.CertConf,
	certUsage db.CertUsage, keyId string) error

Generate single root CA

func GetAppToken

func GetAppToken(appId, appKey string) (string, error)

GetAppToken get token by appId and appKey

func GetP2pNetNodeId

func GetP2pNetNodeId(userType db.UserType, certUsage db.CertUsage, nodeTlsCrtBytes []byte) (string, error)

Get p2p net node id

func GetRootPrivateKey

func GetRootPrivateKey(certUsage db.CertUsage) (crypto.PrivateKey, error)

Get root private key from file

func GetTLSCertNodeId

func GetTLSCertNodeId(getNodeIdReq *GetTLSCertNodeIdReq) (nodeId string, err error)

Get tls cert node Id

func GetX509Certificate

func GetX509Certificate(sn int64) (*x509.Certificate, error)

Get X509 certificate by sn

func InitAccessControl

func InitAccessControl() (bool, error)

InitAccessControl

func InitServer

func InitServer()

Init server

func IsAccessControlFromConfig

func IsAccessControlFromConfig() bool

IsAccessControlFromConfig whether access control is enabled in the configuration file

func IssueCertBySelf

func IssueCertBySelf(rootCertConf *RootCertRequestConfig) (*db.CertContent, error)

Issue cert by self(root ca)

func IssueCertificate

func IssueCertificate(certConf *CertRequestConfig) (*db.CertContent, error)

Issue certificate

func KeyBytesToPrivateKey

func KeyBytesToPrivateKey(privateKeyBytes []byte, keyPwd string) (privateKey crypto.PrivateKey, err error)

Convert privatekey byte to privatekey

func LoadDoubleRootCa

func LoadDoubleRootCa() error

Load double root CA from the path in the configuration file

func LoadRootCaFromConfig

func LoadRootCaFromConfig() error

Load root CA from the path in the configuration file

func LoadSingleRootCa

func LoadSingleRootCa(certConf *utils.CertConf, certUsage db.CertUsage) error

Load single root CA from the path in the configuration file

func ParseCertificate

func ParseCertificate(certBytes []byte) (*x509.Certificate, error)

ParseCertificate parse cert file to x.509 cert struct

func ParseCsr

func ParseCsr(csrBytes []byte) (*x509.CertificateRequest, error)

ParseCsr parse csr file to x.509 cert request

func ParsePrivateKey

func ParsePrivateKey(privateKeyBytes []byte) (crypto.PrivateKey, error)

Convert privatekey byte to privatekey

func RevokeCert

func RevokeCert(revokeCertReq *RevokeCertReq) ([]byte, error)

Revoke certificate

func ServerPortFromConfig

func ServerPortFromConfig() string

The port number in the configuration file

func UpdateCert

func UpdateCert(updateConf *UpdateCertConfig) (*db.CertContent, error)

Update cert info

func WirteFile

func WirteFile(filePath string, fileBytes []byte) error

WirteFile writes the file bytes to the file path

Types

type AppInfo

// AppInfo groups an application's ID, its key and its access role.
type AppInfo struct {
	AppId   string
	// NOTE(review): presumably the secret that GetAppToken(appId, appKey)
	// checks before issuing a token; confirm. If so, treat it as a credential
	// and keep it out of logs and error messages.
	AppKey  string
	AppRole db.AccessRole
}

type ApplyCertResp

// ApplyCertResp is the result type of GenCert, GenCertByCsr and RenewCert.
//
// Serial numbers are carried as int64, which bounds them to 63 bits.
type ApplyCertResp struct {
	CertSn      int64  `json:"certSn"`
	IssueCertSn int64  `json:"issueCertSn"`
	CertContent string `json:"cert"`
	// PrivateKey is left out of the JSON encoding when empty (omitempty).
	// NOTE(review): when set, the response carries private key material.
	// Whether it is encrypted is not visible here; confirm, and make sure
	// responses of this type are not logged or cached.
	PrivateKey  string `json:"privateKey,omitempty"`
}

func GenCert

func GenCert(genCertReq *GenCertReq) (*ApplyCertResp, error)

Generate cert

func GenCertByCsr

func GenCertByCsr(genCertByCsrReq *GenCertByCsrReq) (*ApplyCertResp, error)

Generate cert by csr

func RenewCert

func RenewCert(renewCertReq *RenewCertReq) (*ApplyCertResp, error)

renew the cert expiration date

type CSRRequest

// CSRRequest is the input to BuildCSRReqConf: the requester's identity
// (OrgId, UserId, UserType), subject location fields and the private key.
type CSRRequest struct {
	OrgId      string
	UserId     string
	UserType   db.UserType
	Country    string
	Locality   string
	Province   string
	// PrivateKey is held in memory as a parsed key object, not as bytes.
	PrivateKey crypto.PrivateKey
}

type CSRRequestConfig

// CSRRequestConfig is the value BuildCSRReqConf produces from a CSRRequest:
// a private key plus the subject name components for a CSR.
type CSRRequestConfig struct {
	PrivateKey         crypto.PrivateKey
	Country            string
	Locality           string
	Province           string
	OrganizationalUnit string
	Organization       string
	CommonName         string
}

func BuildCSRReqConf

func BuildCSRReqConf(csrReq *CSRRequest) *CSRRequestConfig

Build CSR request config

type CertConditions

// CertConditions identifies a certificate by user type, usage, user ID and
// organization ID. CreateCertInfo takes it as its conditions argument.
type CertConditions struct {
	UserType  db.UserType
	CertUsage db.CertUsage
	UserId    string
	OrgId     string
}

type CertInfos

// CertInfos is one certificate record in the list returned by QueryCerts,
// with JSON field names given by the struct tags.
type CertInfos struct {
	UserId         string `json:"userId"`
	OrgId          string `json:"orgId"`
	UserType       string `json:"userType"`
	CertUsage      string `json:"certUsage"`
	CertSn         int64  `json:"certSn"`
	IssuerSn       int64  `json:"issuerSn"`
	CertContent    string `json:"certContent"`
	// NOTE(review): the unit is not visible here; presumably a Unix
	// timestamp. Confirm before comparing it with time values.
	ExpirationDate int64  `json:"expirationDate"`
	IsRevoked      bool   `json:"isRevoked"`
}

func QueryCerts

func QueryCerts(req *QueryCertsReq) ([]*CertInfos, error)

Query certs

type CertRequestConfig

// CertRequestConfig is the argument of IssueCertificate: the CSR to sign,
// the issuer's certificate and private key, and the validity, usage and user
// type for the new certificate.
type CertRequestConfig struct {
	HashType         crypto.HashType
	// IssuerPrivateKey is a CA signing key held in memory; callers decide
	// where it is loaded from (GetRootPrivateKey reads the root key from file).
	IssuerPrivateKey crypto.PrivateKey
	CsrBytes         []byte
	IssuerCertBytes  []byte
	ValidTime        time.Duration
	CertUsage        db.CertUsage
	UserType         db.UserType
}

type Claims

// Claims is the JWT claim set returned by ParseToken: the application ID and
// access role plus the embedded standard claims.
//
// Claims declares its own Valid method, which takes precedence over the Valid
// promoted from the embedded jwt.StandardClaims.
// NOTE(review): that method's body is not visible here; confirm that it still
// enforces expiry, for example by delegating to StandardClaims.Valid.
// NOTE(review): which jwt module supplies StandardClaims is not visible
// either; confirm it is a maintained one.
type Claims struct {
	AppId   string
	AppRole db.AccessRole
	jwt.StandardClaims
}

func ParseToken

func ParseToken(tokenString string) (*Claims, error)

JWT parse token

func (Claims) Valid

func (c Claims) Valid() error

type GenCertByCsrReq

// GenCertByCsrReq is the argument of GenCertByCsr: the requester's identity,
// the certificate usage and a caller-supplied CSR.
type GenCertByCsrReq struct {
	OrgId     string
	UserId    string
	UserType  db.UserType
	CertUsage db.CertUsage
	// CsrBytes is the CSR supplied by the caller.
	// NOTE(review): whether the CSR subject is checked against OrgId and
	// UserId is not visible here; confirm in GenCertByCsr.
	CsrBytes  []byte
}

type GenCertReq

// GenCertReq is the argument of GenCert: the requester's identity, the
// certificate usage, a private key password and subject location fields.
type GenCertReq struct {
	OrgId         string
	UserId        string
	UserType      db.UserType
	CertUsage     db.CertUsage
	// NOTE(review): presumably the password protecting the generated private
	// key (CreateKeyPair takes a privateKeyPwd); confirm. Keep it out of logs.
	PrivateKeyPwd string
	Country       string
	Locality      string
	Province      string
}

type GenCertRequestConfig

// GenCertRequestConfig holds subject name components, X.509 extensions,
// validity, usage and user type for a certificate request. No function on
// this page takes or returns it.
type GenCertRequestConfig struct {
	Country            []string
	Locality           []string
	Province           []string
	OrganizationalUnit []string
	Organization       []string
	Extension          []pkix.Extension
	ExtraExtensions    []pkix.Extension
	CommonName         string
	ValidTime          time.Duration
	CertUsage          db.CertUsage
	UserType           db.UserType
}

type GenCrlReq

// GenCrlReq is the argument of GenCrl and names the issuer certificate by its
// serial number.
type GenCrlReq struct {
	IssuerCertSn int64
}

type GenCsrReq

// GenCsrReq is the argument of GenCsr: the requester's identity, a private
// key password and subject location fields.
type GenCsrReq struct {
	OrgId         string
	UserId        string
	UserType      db.UserType
	// NOTE(review): presumably the password for the private key used to sign
	// the CSR; confirm. Keep it out of logs.
	PrivateKeyPwd string
	Country       string
	Locality      string
	Province      string
}

type GetTLSCertNodeIdReq

// GetTLSCertNodeIdReq is the argument of GetTLSCertNodeId. It carries both an
// identity tuple (OrgId, UserId, UserType, CertUsage) and a certificate serial
// number.
// NOTE(review): which of the two selects the certificate is not visible here.
type GetTLSCertNodeIdReq struct {
	OrgId     string
	UserId    string
	UserType  db.UserType
	CertUsage db.CertUsage
	CertSn    int64
}

type OptionFunc

// OptionFunc is an option that modifies a Pkcs11Config. WithPrivKeyId and
// WithPrivKeyType return OptionFunc values, and NewPkcs11Config accepts any
// number of them.
type OptionFunc func(*Pkcs11Config)

func WithPrivKeyId

func WithPrivKeyId(keyId string) OptionFunc

func WithPrivKeyType

func WithPrivKeyType(keyType crypto.KeyType) OptionFunc

type Pkcs11Config

// Pkcs11Config is an opaque configuration value with no exported fields.
// It is created with NewPkcs11Config and populated through OptionFunc values.
type Pkcs11Config struct {
	// contains filtered or unexported fields
}

func NewPkcs11Config

func NewPkcs11Config(opts ...OptionFunc) (p11Conf *Pkcs11Config)

type QueryCertsReq

// QueryCertsReq is the argument of QueryCerts. UserType and CertUsage are
// plain strings here, unlike the db.UserType and db.CertUsage fields of the
// other request types.
// NOTE(review): how empty or zero fields are treated in the query is not
// visible here.
type QueryCertsReq struct {
	CertSn    int64
	OrgId     string
	UserId    string
	UserType  string
	CertUsage string
}

type RenewCertReq

// RenewCertReq is the argument of RenewCert and names the certificate to
// renew by its serial number.
type RenewCertReq struct {
	CertSn int64
}

type RevokeCertReq

// RevokeCertReq is the argument of RevokeCert: the serial numbers of the
// certificate to revoke and of its issuer, plus a reason.
type RevokeCertReq struct {
	RevokedCertSn int64
	IssuerCertSn  int64
	// NOTE(review): Reason is a free-form string at this level; whether it is
	// mapped to a CRL reason code is not visible here.
	Reason        string
}

type RootCertRequestConfig

// RootCertRequestConfig is the argument of IssueCertBySelf (self-issued root
// CA certificate): the root private key, subject name components, validity,
// usage, user type and hash type.
type RootCertRequestConfig struct {
	// PrivateKey is the root CA key held in memory.
	PrivateKey         crypto.PrivateKey
	Country            string
	Locality           string
	Province           string
	OrganizationalUnit string
	Organization       string
	CommonName         string
	ValidTime          time.Duration
	CertUsage          db.CertUsage
	UserType           db.UserType
	// HashType is a string here, whereas CertRequestConfig uses crypto.HashType.
	HashType           string
}

type UpdateCertConfig

// UpdateCertConfig is the argument of UpdateCert: the existing certificate
// and its CSR, together with the issuer's certificate and private key.
type UpdateCertConfig struct {
	OldCert         *x509.Certificate
	OldCsrBytes     []byte
	IssuerCertBytes []byte
	// IssuerKey is a CA signing key held in memory.
	IssuerKey       crypto.PrivateKey
}
