code

package
v0.0.6 Latest
Warning

This package is not in the latest version of its module.

Published: May 8, 2026 | License: Apache-2.0 | Imports: 22 | Imported by: 0

Documentation

Overview

Package code contains the go-openssl certificate generation logic used by the CLI and by other Go code that needs to create plain or encrypted PEM assets programmatically.

Constants

This section is empty.

Variables

This section is empty.

Functions

func DecryptPEM added in v0.0.6

func DecryptPEM(content []byte, secret string) ([]byte, error)

DecryptPEM returns plain PEM content. Unencrypted PEM content is returned as-is.

func ReadCertificateFile added in v0.0.6

func ReadCertificateFile(path string, secret string) (*x509.Certificate, error)

ReadCertificateFile reads a plain or encrypted certificate PEM file.

func ReadPEMFile added in v0.0.6

func ReadPEMFile(path string, secret string) ([]byte, error)

ReadPEMFile reads a PEM file and decrypts it when it contains a QuicksGo encrypted PEM envelope.

func ReadPrivateKeyFile added in v0.0.6

func ReadPrivateKeyFile(path string, secret string) (any, error)

ReadPrivateKeyFile reads a plain or encrypted private key PEM file.

func ReadPublicKeyFile added in v0.0.6

func ReadPublicKeyFile(path string, secret string) (any, error)

ReadPublicKeyFile reads a plain or encrypted public key PEM file.

Types

type App

type App struct {
	// contains filtered or unexported fields
}

App wires the go-openssl CLI, its command tree, and the certificate generator.

func NewApp

func NewApp() *App

NewApp creates the default go-openssl application ready to execute from main.

func (*App) Execute

func (app *App) Execute() error

Execute runs the root go-openssl command tree.

type Command

type Command interface {
	Cobra() *cobra.Command
}

Command defines an executable CLI command that can be converted into a Cobra command.

type Generator

type Generator struct {
	// contains filtered or unexported fields
}

Generator coordinates filesystem writes and cryptographic generation helpers.

func NewGenerator

func NewGenerator() *Generator

NewGenerator creates the default certificate generator.

func (*Generator) Generate

func (generator *Generator) Generate(options Options) (Result, error)

Generate creates a certificate together with matching private and public keys.

type IOStreams

type IOStreams struct {
	In  io.Reader
	Out io.Writer
	Err io.Writer
}

IOStreams groups the standard input, output, and error streams used by the CLI.

type Options

type Options struct {
	// Algorithm selects the key algorithm used to generate the certificate.
	Algorithm string
	// OutputDir is the directory where the PEM files are written.
	OutputDir string
	// CommonName is the subject common name included in the certificate.
	CommonName string
	// DNSNames lists the DNS subject alternative names included in the certificate.
	DNSNames []string
	// IPAddresses lists the IP subject alternative names included in the certificate.
	IPAddresses []string
	// Organization is the subject organization included in the certificate.
	Organization string
	// ValidForDays controls the certificate validity period in days.
	ValidForDays int
	// RSAKeySize is the RSA key size in bits when Algorithm is rsa.
	RSAKeySize int
	// ECCCurve selects the elliptic curve when Algorithm is ecc.
	ECCCurve string
	// Salt mixes additional data into the random source used for generation.
	Salt string
	// CertFileName is the certificate PEM file name written inside OutputDir.
	CertFileName string
	// KeyFileName is the private key PEM file name written inside OutputDir.
	KeyFileName string
	// PublicKeyFileName is the public key PEM file name written inside OutputDir.
	PublicKeyFileName string
	// SignedBy is the CA certificate PEM path used to sign the generated certificate.
	SignedBy string
	// CAKeyFile is the CA private key PEM path used to sign the generated certificate.
	CAKeyFile string
	// IsCA marks the generated certificate as a certificate authority.
	IsCA bool
	// EncryptSecret encrypts generated PEM files when set. It must be at least 32 bytes.
	EncryptSecret string
	// SignedBySecret decrypts an encrypted SignedBy certificate when set.
	SignedBySecret string
	// CAKeySecret decrypts an encrypted CAKeyFile private key when set.
	CAKeySecret string
}

Options configures the generated certificate, keys, output paths, and algorithm-specific settings.

type Result

type Result struct {
	// Algorithm is the normalized algorithm used for generation.
	Algorithm string
	// OutputDir is the normalized output directory used for the generated files.
	OutputDir string
	// CertificatePath is the path to the generated certificate PEM file.
	CertificatePath string
	// PrivateKeyPath is the path to the generated private key PEM file.
	PrivateKeyPath string
	// PublicKeyPath is the path to the generated public key PEM file.
	PublicKeyPath string
	// Encrypted reports whether the generated PEM files were encrypted.
	Encrypted bool
}

Result describes the generated PEM artifacts and the effective generation parameters.

func GenerateCertificates

func GenerateCertificates(options Options) (Result, error)

GenerateCertificates generates PEM certificate assets using the default generator.
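
A post-generation check for the three PEM artifacts that Result points to, as an added example that is not part of this package or its documentation: it uses only the Go standard library to confirm that the certificate, private key and public key carry the same key. CheckArtifacts and Sample are hypothetical names, and the PKCS#8 and PKIX encodings are assumptions, since the page does not state which encodings the generator writes; encrypted files would first go through DecryptPEM.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
	"math/big"
)

// CheckArtifacts fails unless all three plain PEM inputs carry the same public key.
func CheckArtifacts(certPEM, keyPEM, pubPEM []byte) error {
	cb, _ := pem.Decode(certPEM)
	kb, _ := pem.Decode(keyPEM)
	pb, _ := pem.Decode(pubPEM)
	if cb == nil || kb == nil || pb == nil {
		return errors.New("input is not plain PEM")
	}
	cert, certErr := x509.ParseCertificate(cb.Bytes)
	key, keyErr := x509.ParsePKCS8PrivateKey(kb.Bytes) // assumed encoding: PKCS#8
	pub, pubErr := x509.ParsePKIXPublicKey(pb.Bytes)   // assumed encoding: PKIX
	if err := errors.Join(certErr, keyErr, pubErr); err != nil {
		return err
	}
	certKey, _ := cert.PublicKey.(interface{ Equal(crypto.PublicKey) bool })
	signer, _ := key.(crypto.Signer)
	if certKey == nil || signer == nil || !certKey.Equal(signer.Public()) || !certKey.Equal(pub) {
		return errors.New("certificate, private key and public key do not match")
	}
	return nil
}

// Sample returns constructed, throwaway artifacts so the check runs offline.
func Sample() (certPEM, keyPEM, pubPEM []byte) {
	k, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tpl := &x509.Certificate{SerialNumber: big.NewInt(1)}
	der, _ := x509.CreateCertificate(rand.Reader, tpl, tpl, &k.PublicKey, k)
	kd, _ := x509.MarshalPKCS8PrivateKey(k)
	pd, _ := x509.MarshalPKIXPublicKey(&k.PublicKey)
	enc := func(t string, b []byte) []byte { return pem.EncodeToMemory(&pem.Block{Type: t, Bytes: b}) }
	return enc("CERTIFICATE", der), enc("PRIVATE KEY", kd), enc("PUBLIC KEY", pd)
}

func main() {
	fmt.Println("matching set:", CheckArtifacts(Sample()))
}
```

A public key file from a different key pair, or any input that is not plain PEM, makes CheckArtifacts return an error instead of nil.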
