Documentation
¶
Index ¶
- Constants
- Variables
- func GenerateCSR(cfg Configuration, privateKey *ecdsa.PrivateKey) ([]byte, error)
- func GenerateCert(cfg Configuration, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, ...) ([]byte, error)
- func GenerateIdentityCSR(cfg Configuration, deviceID string, privateKey *ecdsa.PrivateKey) ([]byte, error)
- func GenerateIdentityCert(cfg Configuration, deviceID string, privateKey *ecdsa.PrivateKey, ...) ([]byte, error)
- func GenerateIntermediateCA(cfg Configuration, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, ...) ([]byte, error)
- func GenerateRootCA(cfg Configuration, privateKey *ecdsa.PrivateKey) ([]byte, error)
- func NewIdentityCSRTemplate(deviceID string) (*x509.CertificateRequest, error)
- func OidFromExtKeyUsage(eku x509.ExtKeyUsage) (oid asn1.ObjectIdentifier, ok bool)
- type BasicConstraints
- type Configuration
- func (cfg Configuration) AsnExtensionKeyUsages() ([]asn1.ObjectIdentifier, error)
- func (cfg Configuration) AsnKeyUsages() (asn1.BitString, error)
- func (cfg Configuration) GenerateKey() (*ecdsa.PrivateKey, error)
- func (cfg Configuration) ToCRLDistributionPoints() ([]string, error)
- func (cfg Configuration) ToEllipticCurve() (elliptic.Curve, error)
- func (cfg Configuration) ToIPAddresses() ([]net.IP, error)
- func (cfg Configuration) ToPkixName() pkix.Name
- func (cfg Configuration) ToSignatureAlgorithm() (x509.SignatureAlgorithm, error)
- func (cfg Configuration) ToValidFrom() (time.Time, error)
- func (cfg Configuration) X509ExtKeyUsages() ([]x509.ExtKeyUsage, []asn1.ObjectIdentifier, error)
- func (cfg Configuration) X509KeyUsages() (x509.KeyUsage, error)
- type EllipticCurve
- type SignatureAlgorithm
Constants ¶
// Textual names for the EllipticCurve and SignatureAlgorithm string types.
// Configuration.EllipticCurve and Configuration.SignatureAlgorithm hold
// values of these types.
const (
	// Curve names. "P256" is the default in the Configuration.EllipticCurve
	// struct tag, whose description lists P256, P384 and P521 as the
	// supported values.
	EllipticCurveP256 EllipticCurve = "P256"
	EllipticCurveP384 EllipticCurve = "P384"
	EllipticCurveP521 EllipticCurve = "P521"

	// ECDSA signature algorithm names, one per SHA-2 digest size.
	// NOTE(review): this listing does not show whether the chosen curve and
	// digest are checked for matching strength (P256/SHA256, P384/SHA384,
	// P521/SHA512) — confirm in ToSignatureAlgorithm and the generators.
	SignatureAlgorithmECDSAWithSHA256 SignatureAlgorithm = "ECDSA-SHA256"
	SignatureAlgorithmECDSAWithSHA384 SignatureAlgorithm = "ECDSA-SHA384"
	SignatureAlgorithmECDSAWithSHA512 SignatureAlgorithm = "ECDSA-SHA512"
)
Variables ¶
// ASN.1 object identifiers of three X.509 v3 certificate extensions under
// the id-ce arc (2.5.29) defined in RFC 5280.
//
// These are exported package-level variables, not constants, so any
// importing package can reassign them; treat them as read-only.
var (
	// ASN1KeyUsage is id-ce-keyUsage (2.5.29.15).
	ASN1KeyUsage = asn1.ObjectIdentifier{2, 5, 29, 15}
	// ASN1BasicConstraints is id-ce-basicConstraints (2.5.29.19).
	ASN1BasicConstraints = asn1.ObjectIdentifier{2, 5, 29, 19}
	// ASN1ExtKeyUsage is id-ce-extKeyUsage (2.5.29.37).
	ASN1ExtKeyUsage = asn1.ObjectIdentifier{2, 5, 29, 37}
)
Functions ¶
func GenerateCSR ¶
func GenerateCSR(cfg Configuration, privateKey *ecdsa.PrivateKey) ([]byte, error)
GenerateCSR creates a CSR according to the configuration.
func GenerateCert ¶
func GenerateCert(cfg Configuration, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, signerCAKey *ecdsa.PrivateKey) ([]byte, error)
func GenerateIdentityCSR ¶
func GenerateIdentityCSR(cfg Configuration, deviceID string, privateKey *ecdsa.PrivateKey) ([]byte, error)
GenerateIdentityCSR creates an identity CSR according to the configuration.
func GenerateIdentityCert ¶
func GenerateIdentityCert(cfg Configuration, deviceID string, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, signerCAKey *ecdsa.PrivateKey) ([]byte, error)
func GenerateIntermediateCA ¶
func GenerateIntermediateCA(cfg Configuration, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, signerCAKey *ecdsa.PrivateKey) ([]byte, error)
func GenerateRootCA ¶
func GenerateRootCA(cfg Configuration, privateKey *ecdsa.PrivateKey) ([]byte, error)
func NewIdentityCSRTemplate ¶
func NewIdentityCSRTemplate(deviceID string) (*x509.CertificateRequest, error)
func OidFromExtKeyUsage ¶
func OidFromExtKeyUsage(eku x509.ExtKeyUsage) (oid asn1.ObjectIdentifier, ok bool)
Types ¶
type BasicConstraints ¶ added in v2.6.0
// BasicConstraints holds a single boolean CA flag.
//
// NOTE(review): the field name matches the cA boolean of the X.509
// basicConstraints extension (RFC 5280, section 4.2.1.9). How the package
// encodes or decodes this struct is not visible in this listing — confirm
// before relying on it to tell CA certificates from end-entity ones.
type BasicConstraints struct {
	// CA presumably marks the certificate as a certificate authority — verify
	// against the code that reads it.
	CA bool
}
type Configuration ¶
// Configuration describes the certificate or CSR to generate: subject name,
// subject alternative names, basic constraints, validity window, key usages,
// key curve, signature algorithm and CRL distribution points.
//
// Each field carries a yaml key and a command-line option name in its struct
// tag. Several tags are elided by the documentation renderer ("string literal
// not displayed"), so their defaults and descriptions are not visible here.
type Configuration struct {
	// Subject holds the distinguished-name attributes; ToPkixName returns
	// the pkix.Name built from the configuration.
	Subject struct {
		Country            []string `yaml:"country" long:"c" description:"to set more values repeat option with parameter"`
		Organization       []string `yaml:"organization" long:"o" description:"to set more values repeat option with parameter"`
		OrganizationalUnit []string `yaml:"organizationUnit" long:"ou" description:"to set more values repeat option with parameter"`
		Locality           []string `yaml:"locality" long:"l" description:"to set more values repeat option with parameter"`
		CommonName         string   `yaml:"commonName" long:"cn"`
		Province           []string `yaml:"province" long:"p" description:"to set more values repeat option with parameter"`
		StreetAddress      []string `yaml:"streetAddress" long:"sa" description:"to set more values repeat option with parameter"`
		PostalCode         []string `yaml:"postalCode" long:"pc" description:"to set more values repeat option with parameter"`
		// NOTE(review): presumably the subject DN serialNumber attribute, not
		// the certificate's own serial number — confirm in ToPkixName.
		SerialNumber string `yaml:"serialNumber" long:"sn"`
	} `yaml:"subject" group:"Subject" namespace:"subject"`
	// SubjectAlternativeName lists the DNS names and IP addresses for the
	// certificate. IP addresses are given as strings; ToIPAddresses returns
	// them as []net.IP or an error.
	SubjectAlternativeName struct {
		DNSNames    []string `yaml:"dnsNames" long:"domain" description:"to set more values repeat option with parameter"`
		IPAddresses []string `yaml:"ipAddresses" long:"ip" description:"to set more values repeat option with parameter"`
	} `yaml:"subjectAlternativeName" group:"Subject Alternative Name" namespace:"san"`
	BasicConstraints struct {
		// Ignore, when true, means basic constraints are not set (per the
		// tag description).
		// NOTE(review): which generators honour this flag is not visible
		// here. RFC 5280 validators must not accept a v3 certificate without
		// basicConstraints as a CA — confirm the intended use.
		Ignore bool `yaml:"ignore" long:"ignore" description:"bool, don't set basic constraints"`
		// MaxPathLen defaults to -1, which the tag describes as unlimited.
		// For a CA certificate that places no bound on the number of
		// subordinate CA levels beneath it; set an explicit value where the
		// hierarchy depth is known.
		MaxPathLen int `yaml:"maxPathLen" long:"maxPathLen" default:"-1" description:"int, -1 means unlimited"`
	} `yaml:"basicConstraints" group:"Basic Constraints" namespace:"basicConstraints"`
	// ValidFrom is the start of validity, either "now" (the default) or an
	// RFC 3339 timestamp; ToValidFrom returns it as a time.Time or an error.
	ValidFrom string `yaml:"validFrom" long:"validFrom" default:"now" description:"valid from time, format in RFC3339 (eg:2014-11-12T11:45:00Z)"`
	// ValidFor is the validity duration; the default 8760h is 365 days.
	ValidFor time.Duration `yaml:"validFor" long:"validFor" default:"8760h" description:"duration, format in NUMh"`
	// NOTE(review): the tags of NotBefore and NotAfter are elided, so their
	// format and how they interact with ValidFrom/ValidFor cannot be told
	// from this listing — confirm which pair takes precedence.
	NotBefore string `` /* 128-byte string literal not displayed */
	NotAfter  string `` /* 131-byte string literal not displayed */
	// KeyUsages lists key usage names (tag elided, accepted names not
	// visible); X509KeyUsages returns them as an x509.KeyUsage or an error.
	//nolint:staticcheck
	KeyUsages []string `` /* 138-byte string literal not displayed */
	// ExtensionKeyUsages lists extended key usage names (tag elided);
	// X509ExtKeyUsages returns []x509.ExtKeyUsage plus a slice of
	// asn1.ObjectIdentifier, or an error.
	//nolint:staticcheck
	ExtensionKeyUsages []string `` /* 132-byte string literal not displayed */
	// EllipticCurve names the curve; it defaults to P256 and
	// ToEllipticCurve returns the elliptic.Curve or an error.
	EllipticCurve EllipticCurve `yaml:"ellipticCurve" long:"ellipticCurve" default:"P256" description:"supported values:P256, P384, P521"`
	// SignatureAlgorithm names the signature algorithm (tag elided, default
	// not visible); ToSignatureAlgorithm returns the
	// x509.SignatureAlgorithm or an error.
	SignatureAlgorithm SignatureAlgorithm `` /* 146-byte string literal not displayed */
	// CRLDistributionPoints lists CRL distribution point strings;
	// ToCRLDistributionPoints returns them as []string or an error.
	// NOTE(review): what validation is applied is not visible here.
	CRLDistributionPoints []string `yaml:"crlDistributionPoints" long:"crl" description:"to set more values repeat option with parameter"`
}
func (Configuration) AsnExtensionKeyUsages ¶
func (cfg Configuration) AsnExtensionKeyUsages() ([]asn1.ObjectIdentifier, error)
func (Configuration) AsnKeyUsages ¶
func (cfg Configuration) AsnKeyUsages() (asn1.BitString, error)
func (Configuration) GenerateKey ¶
func (cfg Configuration) GenerateKey() (*ecdsa.PrivateKey, error)
func (Configuration) ToCRLDistributionPoints ¶ added in v2.6.0
func (cfg Configuration) ToCRLDistributionPoints() ([]string, error)
func (Configuration) ToEllipticCurve ¶
func (cfg Configuration) ToEllipticCurve() (elliptic.Curve, error)
func (Configuration) ToIPAddresses ¶
func (cfg Configuration) ToIPAddresses() ([]net.IP, error)
func (Configuration) ToPkixName ¶
func (cfg Configuration) ToPkixName() pkix.Name
func (Configuration) ToSignatureAlgorithm ¶
func (cfg Configuration) ToSignatureAlgorithm() (x509.SignatureAlgorithm, error)
func (Configuration) ToValidFrom ¶
func (cfg Configuration) ToValidFrom() (time.Time, error)
func (Configuration) X509ExtKeyUsages ¶
func (cfg Configuration) X509ExtKeyUsages() ([]x509.ExtKeyUsage, []asn1.ObjectIdentifier, error)
func (Configuration) X509KeyUsages ¶
func (cfg Configuration) X509KeyUsages() (x509.KeyUsage, error)
type EllipticCurve ¶
// EllipticCurve is the textual name of an elliptic curve. The package
// constants define "P256", "P384" and "P521". Configuration.ToEllipticCurve
// returns an elliptic.Curve or an error.
// NOTE(review): presumably unknown names yield the error — confirm.
type EllipticCurve string
type SignatureAlgorithm ¶
// SignatureAlgorithm is the textual name of a signature algorithm. The
// package constants define "ECDSA-SHA256", "ECDSA-SHA384" and
// "ECDSA-SHA512". Configuration.ToSignatureAlgorithm returns an
// x509.SignatureAlgorithm or an error.
// NOTE(review): presumably unknown names yield the error — confirm.
type SignatureAlgorithm string