crypto

package
v0.4.1
Warning

This package is not in the latest version of its module.

Published: Mar 9, 2015 | License: Apache-2.0 | Imports: 24 | Imported by: 0

Documentation

Functions

func IPAddressesDNSNames added in v0.2.2

func IPAddressesDNSNames(hosts []string) ([]net.IP, []string)

func NewKeyPair

func NewKeyPair() (crypto.PublicKey, crypto.PrivateKey, error)

Types

type CA

type CA struct {
	Dir        string
	SerialFile string
	Serial     int64
	Config     *TLSCertificateConfig
}

func InitCA

func InitCA(dir string, name string) (*CA, error)

InitCA ensures a certificate authority structure exists in the given directory, creating it if necessary:

<dir>/
  ca/
    root.crt   - Root certificate bundle.
    cert.crt   - Signing certificate
    key.key    - Private key
    serial.txt - Stores the highest serial number generated by this CA

func (*CA) MakeClientConfig

func (ca *CA) MakeClientConfig(clientId string, u user.Info, baseKubeconfig clientcmdapi.Config) (kclient.Config, error)

MakeClientConfig creates a folder containing certificates for the given client:

<CA.dir>/
  <clientId>/
    root.crt - Root certificate bundle.
    cert.crt - Client certificate
    key.key  - Private key
    .kubeconfig - baseKubeconfig with root.crt added to all clusters, and client user added to all contexts

The generated certificate has the following attributes:

Subject:
  SerialNumber: user.GetUID()
  CommonName:   user.GetName()
  Organization: user.GetGroups()
ExtKeyUsage: ExtKeyUsageClientAuth

func (*CA) MakeServerCert

func (ca *CA) MakeServerCert(name string, hostnames []string) (*TLSCertificateConfig, error)

MakeServerCert creates a folder containing certificates for the given server:

<CA.dir>/
  <name>/
    root.crt - Root certificate bundle.
    cert.crt - Server certificate
    key.key  - Private key

The generated certificate has the following attributes:

CommonName:  hostnames[0]
DNSNames:    subjectAltNames containing all specified hostnames
IPAddresses: subjectAltNames containing all specified hostnames which are IP addresses
ExtKeyUsage: ExtKeyUsageServerAuth

type TLSCertificateConfig

type TLSCertificateConfig struct {
	CAFile   string
	CertFile string
	KeyFile  string

	Roots []*x509.Certificate
	Certs []*x509.Certificate
	Key   crypto.PrivateKey
}
