pki

package

v0.0.0-...-e09a690 Latest Latest Go to latest Published: Nov 18, 2020 License: Apache-2.0 Imports: 27 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kondor6c/checkr_certs

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func Catcher(err error, location int, description string)
func GetPublicKeyDigest(pkey rsa.PublicKey) string
func Init()
func PemFile(file io.Reader) *pem.Block
func SignatureString(alg x509.SignatureAlgorithm) string
func SignerAlgo(pub crypto.PublicKey, tryAlg string) x509.SignatureAlgorithm
func WebCatcher(w http.ResponseWriter, err error)
type CertName
type ConfigStore
type Extensions
type FullCert
type FullOutput
type JsonInquiry
type LiteCert
type NamedError
type PrivateData

Constants ¶

This section is empty.

Variables ¶

View Source

var DebugSet = false

View Source

var ForceError = false

Functions ¶

func Catcher ¶

func Catcher(err error, location int, description string)

Catcher : Generic Catch all, better than just discarding errors

func GetPublicKeyDigest ¶

func GetPublicKeyDigest(pkey rsa.PublicKey) string

GetPublicKeyDigest: returns RSA public key modulus MD5 hash. TODO: support other key types

func Init ¶

func Init()

func PemFile ¶

func PemFile(file io.Reader) *pem.Block

PemFile ... a core function, takes a file returns the decoded PEM

func SignatureString ¶

func SignatureString(alg x509.SignatureAlgorithm) string

SignatureString ... sourced from cfssl, translate known signature type to string

func SignerAlgo ¶

func SignerAlgo(pub crypto.PublicKey, tryAlg string) x509.SignatureAlgorithm

SignerAlgo ... take public key determine permissible algorithms, attempt user selected algorithm, can be blank

func WebCatcher ¶

func WebCatcher(w http.ResponseWriter, err error)

easy, better is the http

Types ¶

type CertName ¶

type CertName struct {
	CommonName         string `json:"common_name,omitempty" db:"common_name"`
	SerialNumber       string `json:"serial_number,omitempty" db:"serial_number"`
	Country            string `json:"country,omitempty" db:"country"`
	Organization       string `json:"organization,omitempty" db:"organization"`
	OrganizationalUnit string `json:"organizational_unit,omitempty" db:"organizational_unit"`
	Locality           string `json:"locality,omitempty" db:"locality"`
	Province           string `json:"province,omitempty" db:"province"`
	StreetAddress      string `json:"street_address,omitempty" db:"street_address"`
	PostalCode         string `json:"postal_code,omitempty" db:"postal_code"`
	Business           string //2.5.4.15
	Email              string //1.2.840.113549.1.9.1

}

type ConfigStore ¶

type ConfigStore struct {
	List            string //
	CertIn          string
	CaIn            string
	KeyIn           string
	CertOut         string
	CaOut           string
	KeyOut          string
	ActionPrimary   string
	ActionSecondary string
	ActionChoices   []string
}

type Extensions ¶

type Extensions struct {
	AKI       string         `json:"authority_key_id,omitempty" db:"authority_key_id"`
	SKI       string         `json:"subject_key_id,omitempty" db:"subject_key_id"`
	AltNames  string         `json:"alt_names_string,omitempty" db:"alt_names"`
	Sans      []string       `json:"sans,omitempty" db:"sans"`
	KeyUsage  []string       `json:"key_capabilities,omitempty" db:"key_usage"`
	ExtraData nonStandardExt `json:"payload,omitempty" db:""`
}

type FullCert ¶

type FullCert struct {
	Subject            CertName   `json:"subject,omitempty" db:""`
	Issuer             LiteCert   `json:"issuer" db:"issuer"`
	SerialNumber       string     `json:"serial_number,omitempty" db:"serial_number"`
	NotBefore          time.Time  `json:"not_before" db:"not_before"`
	NotAfter           time.Time  `json:"not_after" db:"not_after"`
	SignatureAlgorithm string     `json:"sigalg" db:"signature_algorithm"`
	Signature          string     `json:"signature_hash" db:"signature"`
	PEM                string     `json:"pem" db:"pem"`
	Key                jKey       `json:"key" db:""`
	Extensions         Extensions `json:"extensions,omitempty" db:""`
}

type FullOutput ¶

type FullOutput struct {
	Certs     []FullCert  `json:"certs"`
	Keys      []jKey      `json:"keys"`
	CertAuths []LiteCert  `json:"authorities"`
	Meta      interface{} `json:"meta_info"`
}

type JsonInquiry ¶

type JsonInquiry struct {
	Service  string `json:"service,omitempty"  db:"service"`
	Type     string `json:"type,omitempty"  db:"type"`
	Category string `json:"category,omitempty"  db:"category"`
	Port     int    `json:"port,omitempty"  db:"port"`
	Tls      bool   `json:"tls,omitempty"  db:"tls"`
	Ipv6     bool   `json:"ipv6,omitempty"  db:"ipv6"`
	Protocol string `json:"protocol,omitempty"  db:"protocol"`
	Hostname string `json:"hostname,omitempty"  db:"hostname"`
}

type LiteCert ¶

type LiteCert struct {
	Name          CertName `json:"issuing_name,omitempty" db:""`
	Fingerprint   string   `json:"fingerprint" db:"fingerprint"`
	SignatureHash string   `json:"fp_hash" db:"fp_hash"`
	// contains filtered or unexported fields
}

type NamedError ¶

type NamedError struct {
	Result    interface{}
	Code      int // exit code place for looking up what happened and where. This is critical to presenting the type of errors, did the server timeout, was the cert not trusted?
	PlaceText string
	Force     bool // try to force continue
	Err       error
}

type PrivateData ¶

type PrivateData struct {
	MainAction string
	// contains filtered or unexported fields
}

This is "secret" data, therefore named private

func (*PrivateData) AddHandler ¶

func (p *PrivateData) AddHandler(w http.ResponseWriter, r *http.Request)

func (*PrivateData) EditHandler ¶

func (p *PrivateData) EditHandler(w http.ResponseWriter, r *http.Request)

func (*PrivateData) FetchHandler ¶

func (p *PrivateData) FetchHandler(w http.ResponseWriter, r *http.Request)

func (*PrivateData) IcalHandler ¶

func (p *PrivateData) IcalHandler(w http.ResponseWriter, r *http.Request)

func (*PrivateData) MainHandler ¶

func (p *PrivateData) MainHandler(w http.ResponseWriter, r *http.Request)

func (*PrivateData) PrivateKeyHandler ¶

func (p *PrivateData) PrivateKeyHandler(w http.ResponseWriter, r *http.Request)

https://github.com/goharbor/harbor/blob/b664b90b8641859acae96a21ca912781f74753ff/src/jobservice/api/handler.go#L286 GET

func (*PrivateData) RemoteCertIndex ¶

func (p *PrivateData) RemoteCertIndex(w http.ResponseWriter, r *http.Request)

func (*PrivateData) RemoteURLHandler ¶

func (p *PrivateData) RemoteURLHandler(w http.ResponseWriter, r *http.Request)

func (*PrivateData) RespondJSONHandler ¶

func (p *PrivateData) RespondJSONHandler(w http.ResponseWriter, r *http.Request)

POST, PEM cert, respond with cert details

func (*PrivateData) ServePemHandler ¶

func (p *PrivateData) ServePemHandler(w http.ResponseWriter, r *http.Request)

func (*PrivateData) ViewHandler ¶

func (p *PrivateData) ViewHandler(w http.ResponseWriter, r *http.Request)

func (*PrivateData) X509CertHandler ¶

func (p *PrivateData) X509CertHandler(w http.ResponseWriter, r *http.Request)

GET

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL