generator

package
v0.0.0-...-4384373 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 29, 2018 License: BSD-2-Clause Imports: 16 Imported by: 0

Documentation

Overview

Package generator implements the HTTP handlers for certificate generation.

Index

Constants

View Source
const (
	// CSRNoHostMessage is used to alert the user to a certificate lacking a hosts field.
	CSRNoHostMessage = `` /* 313-byte string literal not displayed */

	// NoBundlerMessage is used to alert the user that the server does not have a bundler initialized.
	NoBundlerMessage = `This request requires a bundler, but one is not initialized for the API server.`
)

Variables

This section is empty.

Functions

func CSRValidate

func CSRValidate(req *csr.CertificateRequest) error

CSRValidate does nothing and will never return an error. It exists because NewHandler requires a Validator as a parameter.

func NewCertGeneratorHandler

func NewCertGeneratorHandler(validator Validator, caFile, caKeyFile string, policy *config.Signing) (http.Handler, error)

NewCertGeneratorHandler builds a new handler for generating certificates directly from certificate requests; the validator covers the certificate request and the CA's key and certificate are used to sign the generated request. If remote is not an empty string, the handler will send signature requests to the CFSSL instance contained in remote.

func NewCertGeneratorHandlerFromSigner

func NewCertGeneratorHandlerFromSigner(validator Validator, signer signer.Signer) http.Handler

NewCertGeneratorHandlerFromSigner returns a handler directly from the signer and validation function.

func NewHandler

func NewHandler(validator Validator) (http.Handler, error)

NewHandler builds a new Handler from the validation function provided.

Types

type CertGeneratorHandler

type CertGeneratorHandler struct {
	// contains filtered or unexported fields
}

A CertGeneratorHandler accepts JSON-encoded certificate requests and returns a new private key and signed certificate; it handles sending the CSR to the server.

func (*CertGeneratorHandler) Handle

Handle responds to requests for the CA to generate a new private key and certificate on behalf of the client. The format for these requests is documented in the API documentation.

func (*CertGeneratorHandler) SetBundler

func (cg *CertGeneratorHandler) SetBundler(caBundleFile, intBundleFile string) (err error)

SetBundler allows injecting an optional Bundler into the CertGeneratorHandler.

type CertRequest

type CertRequest struct {
	Key  string         `json:"private_key"`
	CSR  string         `json:"certificate_request"`
	Sums map[string]Sum `json:"sums"`
}

A CertRequest stores a PEM-encoded private key and corresponding CSR; this is returned from the CSR generation endpoint.

type Handler

type Handler struct {
	// contains filtered or unexported fields
}

A Handler accepts JSON-encoded certificate requests and returns a new private key and certificate request.

func (*Handler) Handle

func (g *Handler) Handle(w http.ResponseWriter, r *http.Request) error

Handle responds to requests for the CA to generate a new private key and certificate request on behalf of the client. The format for these requests is documented in the API documentation.

type Sum

type Sum struct {
	MD5  string `json:"md5"`
	SHA1 string `json:"sha-1"`
}

Sum contains digests for a certificate or certificate request.

type Validator

type Validator func(*csr.CertificateRequest) error

Validator is a type of function that contains the logic for validating a certificate request.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL