Documentation

Overview

    Package pki provides PKI all the PKI functions necessary to run micro over an untrusted network including a CA

    Index

    Constants

    This section is empty.

    Variables

    This section is empty.

    Functions

    func CA

    func CA(opts ...CertOption) ([]byte, []byte, error)

      CA generates a self signed CA and returns cert, key in PEM format

      func CSR

      func CSR(opts ...CertOption) ([]byte, error)

        CSR generates a certificate request in PEM format

        func GenerateKey

        func GenerateKey() (ed25519.PublicKey, ed25519.PrivateKey, error)

          GenerateKey returns an ed25519 key

          func Sign

          func Sign(CACrt, CAKey, CSR []byte, opts ...CertOption) ([]byte, error)

            Sign decodes a CSR and signs it with the CA

            Types

            type CertOption

            type CertOption func(c *CertOptions)

              CertOption sets CertOptions

              func DNSNames

              func DNSNames(names ...string) CertOption

                DNSNames is a list of hosts to sign in to the certificate

                func IPAddresses

                func IPAddresses(ips ...net.IP) CertOption

                  IPAddresses is a list of IPs to sign in to the certificate

                  func IsCA

                  func IsCA() CertOption

                    IsCA states the cert is a CA

                    func KeyPair

                    func KeyPair(pub ed25519.PublicKey, priv ed25519.PrivateKey) CertOption

                      KeyPair is the key pair to sign the certificate with

                      func NotAfter

                      func NotAfter(time time.Time) CertOption

                        NotAfter is the time the certificate is not valid after

                        func NotBefore

                        func NotBefore(time time.Time) CertOption

                          NotBefore is the time the certificate is not valid before

                          func SerialNumber

                          func SerialNumber(serial *big.Int) CertOption

                            SerialNumber is the Certificate Serial number

                            func Subject

                            func Subject(subject pkix.Name) CertOption

                              Subject sets the Subject field

                              type CertOptions

                              type CertOptions struct {
                              	IsCA         bool
                              	Subject      pkix.Name
                              	DNSNames     []string
                              	IPAddresses  []net.IP
                              	SerialNumber *big.Int
                              	NotBefore    time.Time
                              	NotAfter     time.Time
                              
                              	Parent *x509.Certificate
                              	Pub    ed25519.PublicKey
                              	Priv   ed25519.PrivateKey
                              }

                                CertOptions are passed to cert options