Documentation
Index
- type Authority
- func (a *Authority) Certificate(n string) *Certificate
- func (a *Authority) CreateClient(name, email string, days int) (*Certificate, error)
- func (a *Authority) CreateServer(name, email string, days int) (*Certificate, error)
- func (a *Authority) File() string
- func (a *Authority) Update() ([]Update, error)
- func (a *Authority) Write(w io.Writer) error
- type Certificate
- type Lifetime
- type Subject
- type Update
Types
type Authority
type Authority struct {
	Subject   Subject        `json:"subject"`
	Directory string         `json:"dir"`
	Issued    []*Certificate `json:"certificates"`
	Lifetime  Lifetime       `json:"lifetime"`
	// contains filtered or unexported fields
}
Authority is a struct that contains a listing of Certificates and can generate a full PKI stack.
This struct can be Marshaled into JSON to save/load the PKI configuration.
func New
New creates a new Authority with the following options: name, file system directory, length of the CA certificate, and the initial Authority Subject details.
func (*Authority) Certificate
func (a *Authority) Certificate(n string) *Certificate
Certificate will attempt to get the Certificate by the supplied subject name. If no Certificate is found that matches, nil is returned.
func (*Authority) CreateClient
func (a *Authority) CreateClient(name, email string, days int) (*Certificate, error)
CreateClient attempts to create a new client certificate from this CA. The name and email are recommended, but optional.
If the days parameter is less than or equal to zero, the default CA client timespan will be used.
func (*Authority) CreateServer
func (a *Authority) CreateServer(name, email string, days int) (*Certificate, error)
CreateServer attempts to create a new server certificate from this CA. The name and email are recommended, but optional.
If the days parameter is less than or equal to zero, the default CA server timespan will be used.
type Certificate
type Certificate struct {
	PrivateKey        *ecdsa.PrivateKey `json:"-"`
	*x509.Certificate `json:"-"`
	Revoked           *time.Time `json:"revoked,omitempty"`
	Name              string     `json:"name,omitempty"`
	Key               string     `json:"key_file,omitempty"`
	File              string     `json:"cert_file,omitempty"`
	Serial            big.Int    `json:"serial"`
	Status            status     `json:"status,omitempty"`
}
Certificate is a struct representation of an x509 Certificate. This struct contains some functions for convenience and easy management.
The certificate data is not loaded from the specified file path until it is needed.
func (*Certificate) Revoke
func (c *Certificate) Revoke()
Revoke will revoke the Certificate if not already revoked. This function does not return any values. The CRL must be regenerated using the 'Authority.Update()' function for the revocation to take effect.
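The revocation caveat above, shown with the Go standard library as an added example (not code from this package): a relying party only sees a revocation once a CRL listing the serial has been signed and published. The helpers newCA, publishCRL and isRevoked, the serial 42 and the 7-day NextUpdate are constructed for illustration; Go 1.21 or later is assumed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"slices"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// newCA builds a throwaway self-signed ECDSA CA (constructed sample, not this package's New).
func newCA() (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example CA"}, IsCA: true,
		BasicConstraintsValid: true, NotAfter: time.Now().AddDate(1, 0, 0), KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign}
	return must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, tpl, tpl, &key.PublicKey, key)))), key
}

// publishCRL signs CRL number n listing the revoked entries; the 7-day NextUpdate is an assumed value.
func publishCRL(ca *x509.Certificate, key *ecdsa.PrivateKey, n int64, revoked ...x509.RevocationListEntry) *x509.RevocationList {
	tpl := &x509.RevocationList{Number: big.NewInt(n), ThisUpdate: time.Now(),
		NextUpdate: time.Now().AddDate(0, 0, 7), RevokedCertificateEntries: revoked}
	return must(x509.ParseRevocationList(must(x509.CreateRevocationList(rand.Reader, tpl, ca, key))))
}

// isRevoked is the relying party's view: verify the CRL against the CA, then look up the serial.
func isRevoked(ca *x509.Certificate, crl *x509.RevocationList, serial *big.Int) (bool, error) {
	if err := crl.CheckSignatureFrom(ca); err != nil {
		return false, err // an unverifiable CRL is an error, never "not revoked"
	}
	return slices.ContainsFunc(crl.RevokedCertificateEntries, func(e x509.RevocationListEntry) bool { return e.SerialNumber.Cmp(serial) == 0 }), nil
}

func main() {
	ca, key := newCA()
	serial := big.NewInt(42) // constructed serial of an already issued certificate
	fresh := publishCRL(ca, key, 2, x509.RevocationListEntry{SerialNumber: serial, RevocationTime: time.Now()})
	fmt.Println("CRL 1 (stale):", must(isRevoked(ca, publishCRL(ca, key, 1), serial)), "CRL 2 (fresh):", must(isRevoked(ca, fresh, serial)))
}
```

Until the regenerated CRL reaches relying parties, anyone still holding the earlier CRL continues to accept the revoked serial.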
func (*Certificate) String
func (c *Certificate) String() string
String returns a string representation of this Certificate.
func (*Certificate) Valid
func (c *Certificate) Valid() bool
Valid returns true if the certificate is valid and is neither expired nor revoked.
func (*Certificate) ValidFor
func (c *Certificate) ValidFor(d time.Duration) bool
ValidFor returns true if the certificate is valid, is neither expired nor revoked, and will remain valid for the supplied time duration.
func (*Certificate) Write
func (c *Certificate) Write(w io.Writer) error
Write writes the data of this Certificate to the specified Writer.
This function will return any errors that occurred during the encoding process.
func (*Certificate) WriteKey
func (c *Certificate) WriteKey(w io.Writer) error
WriteKey will attempt to write the PrivateKey for this Certificate to the specified Writer. This function returns 'ErrPrivateKey' error if no PrivateKey is loaded. Any other errors will be returned if the encoding process fails.
type Lifetime
type Lifetime struct {
	CRL    uint16 `json:"crl_days"`
	Client uint16 `json:"client_days"`
	Server uint16 `json:"server_days"`
}
Lifetime is a struct that stores the days that each type of certificate will be valid for. This can be overridden during certificate generation.
type Subject
type Subject struct {
	ZIP          string `json:"zip,omitempty"`
	City         string `json:"city,omitempty"`
	State        string `json:"state,omitempty"`
	Email        string `json:"email,omitempty"`
	Street       string `json:"street,omitempty"`
	Domain       string `json:"domain,omitempty"`
	Country      string `json:"country"`
	Department   string `json:"department,omitempty"`
	Organization string `json:"organization"`
}
Subject is a struct that can be used to generate a 'pkix.Name' struct from a loaded JSON structure.