pkisetup

package

v1.0.1-0...-83faf87 Latest Latest Go to latest Published: Jul 10, 2019 License: Apache-2.0 Imports: 20 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/edgexfoundry/security-secret-store

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func FatalIfErr(err error, msg string)
func GenCA(cf *CertConfig) (*x509.Certificate, crypto.PrivateKey, error)
func GenCert(cf *CertConfig) (*x509.Certificate, crypto.PrivateKey, error)
type CertConfig
- func CreateEnv(x509config *X509Config) (CertConfig, error)
type KeyScheme
type RootCA
type TLSServer
type X509Config
- func ReadConfig(configFilePtr *string) (X509Config, error)

Constants ¶

View Source

const (
	CmdUsageMsg = "Usage of ./pkisetup:"
)

Variables ¶

This section is empty.

Functions ¶

func FatalIfErr ¶

func FatalIfErr(err error, msg string)

FatalIfErr = Printf() followed by a call to os.Exit(1)

func GenCA ¶

func GenCA(cf *CertConfig) (*x509.Certificate, crypto.PrivateKey, error)

GenCA creates a new CA certificate, saves it to PEM file and returns the x509 certificate and crypto private key.*/

func GenCert ¶

func GenCert(cf *CertConfig) (*x509.Certificate, crypto.PrivateKey, error)

GenCert creates a new TLS server certificate, saves it to PEM file and returns the x509 certificate and crypto private key.

Types ¶

type CertConfig ¶

type CertConfig struct {
	// contains filtered or unexported fields
}

CertConfig holds information required to create PKI environment

func CreateEnv ¶

func CreateEnv(x509config *X509Config) (CertConfig, error)

CreateEnv creates enviroment for the PKI certs

type KeyScheme ¶

type KeyScheme struct {
	DumpKeys   string `json:"dump_keys"`
	RSA        string `json:"rsa"`
	RSAKeySize string `json:"rsa_key_size"`
	EC         string `json:"ec"`
	ECCurve    string `json:"ec_curve"`
}

KeyScheme parameters (RSA vs EC) RSA: 1024, 2048, 4096 EC: 224, 256, 384, 521

type RootCA ¶

type RootCA struct {
	CAName     string `json:"ca_name"`
	CACountry  string `json:"ca_c"`
	CAState    string `json:"ca_st"`
	CALocality string `json:"ca_l"`
	CAOrg      string `json:"ca_o"`
}

RootCA parameters from JSON: x509_root_ca_parameters

type TLSServer ¶

type TLSServer struct {
	TLSHost     string `json:"tls_host"`
	TLSDomain   string `json:"tls_domain"`
	TLSCountry  string `json:"tls_c"`
	TLSSate     string `json:"tls_st"`
	TLSLocality string `json:"tls_l"`
	TLSOrg      string `json:"tls_o"`
}

TLSServer parameters from JSON config: x509_tls_server_parameters

type X509Config ¶

type X509Config struct {
	CreateNewRootCA string    `json:"create_new_rootca"`
	WorkingDir      string    `json:"working_dir"`
	PKISetupDir     string    `json:"pki_setup_dir"`
	DumpConfig      string    `json:"dump_config"`
	KeyScheme       KeyScheme `json:"key_scheme"`
	RootCA          RootCA    `json:"x509_root_ca_parameters"`
	TLSServer       TLSServer `json:"x509_tls_server_parameters"`
}

X509Config JSON config file main structure

func ReadConfig ¶

func ReadConfig(configFilePtr *string) (X509Config, error)

ReadConfig load the configuration from filesystem and return X509Config struct

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL