cert

package
v0.9.4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 10, 2022 License: MIT Imports: 23 Imported by: 0

Documentation

Index

Constants

// String identifiers for the two enumerated option types of this package:
// CurveType (used by Options.Curve) and TLSVersion (used by
// Options.MinTLSVersion). How each identifier is mapped onto a key type or a
// crypto/tls version constant is not shown in this listing.
const (
	// NOTE(review): P-224 gives roughly 112-bit security, the lowest of the
	// curves listed here; prefer P256 or stronger unless a peer requires it.
	CurveTypeP224    CurveType = "P224"
	CurveTypeP256    CurveType = "P256"
	CurveTypeP384    CurveType = "P384"
	CurveTypeP521    CurveType = "P521"
	CurveTypeED25519 CurveType = "ED25519"

	// NOTE(review): TLS 1.0 and TLS 1.1 are deprecated (RFC 8996); select them
	// as a minimum version only for legacy peers that cannot be upgraded.
	// This block declares no identifier for TLS 1.3.
	TLSVersionTLS10 TLSVersion = "TLS10"
	TLSVersionTLS11 TLSVersion = "TLS11"
	TLSVersionTLS12 TLSVersion = "TLS12"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Cache

// Cache stores TLS certificates and returns them by a string key.
//
// A tls.Certificate carries its PrivateKey, so an implementation that
// persists entries is persisting private key material and should protect its
// storage accordingly.
type Cache interface {
	// Put stores cert and reports an error if it could not be stored.
	Put(cert *tls.Certificate) error
	// Get looks up a certificate by cn (presumably the certificate's common
	// name; confirm against the implementation). The bool presumably reports
	// whether an entry was found.
	Get(cn string) (*tls.Certificate, bool)
}

func NewFileSystemCache

// NewFileSystemCache returns a Cache built from a cache path and a TimeSource.
//
// NOTE(review): the name suggests entries are written as files under
// certCachePath. Cached tls.Certificate values include the private key, so
// confirm the file mode used and keep the directory readable only by the
// account running the service.
func NewFileSystemCache(certCachePath string, source TimeSource) Cache

type CurveType added in v0.2.0

// CurveType is the string identifier of the key type selected in
// Options.Curve; the declared values are the CurveType* constants.
// NOTE(review): how an unrecognised value is handled is not shown here.
type CurveType string

type File added in v0.2.0

// File pairs the paths of a certificate's public and private parts. It is the
// type of Options.RootCACert.
type File struct {
	// PublicKeyPath is the path of the public part (presumably the PEM
	// certificate; confirm against the loader).
	PublicKeyPath  string
	// PrivateKeyPath is the path of the private key. For a root CA this file
	// can sign certificates for any name, so it should be readable only by
	// the account that needs it.
	PrivateKeyPath string
}

type GenerationOptions

// GenerationOptions describes the identity requested from a Generator.
//
// The field names mirror pkix.Name (subject attributes) and the
// IPAddresses/DNSNames fields of x509.Certificate; presumably they are copied
// into the generated certificate unchanged (confirm against the Generator).
//
// Go's crypto/x509 verifier matches host names against subject alternative
// names only, so a server certificate needs DNSNames and/or IPAddresses set;
// CommonName alone is not enough for such clients.
type GenerationOptions struct {
	CommonName         string
	Organization       []string
	OrganizationalUnit []string
	// Subject alternative names.
	IPAddresses        []net.IP
	DNSNames           []string
	Country            []string
	Province           []string
	Locality           []string
	StreetAddress      []string
	PostalCode         []string
}

type Generator

// Generator creates certificates from GenerationOptions.
type Generator interface {
	// CACert creates a certificate from options; by its name this is a
	// certificate authority certificate.
	CACert(options GenerationOptions) (*tls.Certificate, error)
	// ServerCert creates a certificate from options using ca, presumably as
	// the issuer that signs it (confirm). ca must therefore carry the CA
	// private key.
	ServerCert(options GenerationOptions, ca *tls.Certificate) (*tls.Certificate, error)
}

func NewDefaultGenerator

// NewDefaultGenerator returns a Generator configured from options only.
// NOTE(review): presumably it supplies a default TimeSource and KeyProvider
// itself; which key source is used is not shown in this listing.
func NewDefaultGenerator(options Options) Generator

func NewGenerator

// NewGenerator returns a Generator with an explicit clock (source) and key
// source (provider).
// NOTE(review): provider decides how private keys are created; outside tests
// it should draw from a cryptographically secure random source.
func NewGenerator(options Options, source TimeSource, provider KeyProvider) Generator

type KeyProvider

// KeyProvider returns a key for certificate generation, or an error.
// The key is untyped (interface{}), so its concrete type is not checked at
// compile time; presumably a private key type accepted by crypto/x509 is
// expected (confirm against the Generator implementation).
type KeyProvider func() (key interface{}, err error)

type Options added in v0.2.0

// Options configures certificate generation, caching and the TLS settings
// exposed by a Store.
type Options struct {
	// RootCACert locates the root CA's public and private parts on disk.
	RootCACert                  File
	// CertCachePath is the cache location (see NewFileSystemCache).
	CertCachePath               string
	// Curve selects the key type by identifier (CurveType* constants).
	Curve                       CurveType
	// Validity sets the validity windows for CA and server certificates.
	Validity                    ValidityByPurpose
	// NOTE(review): presumably adds cipher suites that crypto/tls classifies
	// as insecure (tls.InsecureCipherSuites) to the TLS configuration; leave
	// false unless a legacy peer requires them, and confirm the exact effect.
	IncludeInsecureCipherSuites bool
	// MinTLSVersion is the lowest protocol version to accept. TLS10 and
	// TLS11 are deprecated (RFC 8996); TLS12 is the strongest value declared
	// by this package.
	MinTLSVersion               TLSVersion
}

type PEMCert added in v0.7.0

// PEMCert wraps a *tls.Certificate by embedding it, so all fields of the
// certificate, including PrivateKey, are reachable through a PEMCert. The
// Read, ReadFrom and Write functions work on this type.
type PEMCert struct {
	*tls.Certificate
}

func Read added in v0.7.0

// Read loads a PEMCert identified by cn from the directory inDir.
// NOTE(review): how cn is turned into file names is not shown; if cn can come
// from outside the program, confirm it cannot contain path separators or
// "..".
func Read(cn, inDir string) (*PEMCert, error)

func ReadFrom added in v0.7.0

// ReadFrom loads a PEMCert from two explicit paths, one for the public part
// and one for the private key.
func ReadFrom(pubKeyPath, privateKeyPath string) (*PEMCert, error)

func (PEMCert) Write added in v0.7.0

// Write stores p under outDir, identified by cn.
// NOTE(review): presumably this writes the private key as well as the
// certificate. Confirm the file mode applied to the key file (owner-only is
// the usual choice) and that cn is not used unsanitised in a file name.
func (p PEMCert) Write(cn, outDir string) (err error)

type Store

// Store provides the CA certificate, per-server certificates and a tls.Config.
type Store interface {
	// CACert returns the CA certificate. The returned tls.Certificate has a
	// PrivateKey field; when distributing the CA to clients as a trust
	// anchor, export only the certificate bytes, never the key.
	CACert() *tls.Certificate
	// Certificate returns a certificate for serverName and/or ip.
	// NOTE(review): presumably one is generated and cached when none exists;
	// confirm, and check whether requested names are bounded or validated.
	Certificate(serverName string, ip net.IP) (*tls.Certificate, error)
	// TLSConfig returns a *tls.Config, presumably reflecting
	// Options.MinTLSVersion and Options.IncludeInsecureCipherSuites.
	TLSConfig() *tls.Config
}

func MustDefaultStore added in v0.6.0

// MustDefaultStore returns a Store and, unlike NewDefaultStore, has no error
// result.
// NOTE(review): by the Must naming convention it presumably panics on
// failure; call it only during start-up, not on a request path.
func MustDefaultStore(
	options Options,
	logger logging.Logger,
) Store

func NewDefaultStore

// NewDefaultStore builds a Store from options and a logger, returning an
// error on failure. Presumably it uses the package's default Cache and
// Generator; confirm against the implementation.
func NewDefaultStore(
	options Options,
	logger logging.Logger,
) (Store, error)

func NewStore

// NewStore builds a Store from options with a caller-supplied Cache and
// Generator, returning an error on failure.
// NOTE(review): confirm that logger is never handed private key material.
func NewStore(
	options Options,
	cache Cache,
	generator Generator,
	logger logging.Logger,
) (Store, error)

type TLSVersion added in v0.2.0

// TLSVersion is the string identifier of a TLS protocol version; the declared
// values are TLSVersionTLS10, TLSVersionTLS11 and TLSVersionTLS12.
type TLSVersion string

func (TLSVersion) TLSVersion added in v0.2.0

// TLSVersion returns a uint16 for x, presumably the matching crypto/tls
// version constant (for example tls.VersionTLS12).
// NOTE(review): the result for an unrecognised or empty x is not shown;
// confirm it does not fall back to a weaker minimum than intended.
func (x TLSVersion) TLSVersion() uint16

func (TLSVersion) Value added in v0.2.0

// Value returns x as a string (presumably the identifier itself; confirm).
func (x TLSVersion) Value() string

type TimeSource

// TimeSource abstracts the clock used by NewFileSystemCache and NewGenerator.
type TimeSource interface {
	// UTCNow returns the current time; by its name, in UTC.
	// NOTE(review): certificate validity is presumably derived from this
	// value, so a skewed or substituted clock shifts NotBefore/NotAfter.
	UTCNow() time.Time
}

func NewTimeSource

// NewTimeSource returns a TimeSource, presumably backed by the system clock.
func NewTimeSource() TimeSource

type ValidityByPurpose added in v0.2.0

// ValidityByPurpose holds separate validity windows for CA and server
// certificates. It is the type of Options.Validity.
type ValidityByPurpose struct {
	// CA is the validity window for the CA certificate.
	CA     ValidityDuration
	// Server is the validity window for server certificates; shorter
	// windows limit how long a leaked server key stays usable.
	Server ValidityDuration
}

type ValidityDuration added in v0.2.0

// ValidityDuration expresses a certificate validity window as two durations.
// NOTE(review): presumably both are offsets from the issuance time reported
// by TimeSource.UTCNow; confirm sign conventions against the Generator.
type ValidityDuration struct {
	// NotBeforeRelative is the offset for the certificate's NotBefore; a
	// negative value would backdate it, which is the usual way to tolerate
	// clock skew between issuer and verifier.
	NotBeforeRelative time.Duration
	// NotAfterRelative is the offset for the certificate's NotAfter (expiry).
	NotAfterRelative  time.Duration
}
