generateCertificate

package

v0.0.0-...-48b1b68 Latest Latest Go to latest Published: Aug 3, 2020 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/go-ocf/kit

Documentation ¶

Index ¶

func GenerateCSR(cfg Configuration, privateKey *ecdsa.PrivateKey) ([]byte, error)
func GenerateCert(cfg Configuration, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, ...) ([]byte, error)
func GenerateIdentityCSR(cfg Configuration, deviceID string, privateKey *ecdsa.PrivateKey) ([]byte, error)
func GenerateIdentityCert(cfg Configuration, deviceID string, privateKey *ecdsa.PrivateKey, ...) ([]byte, error)
func GenerateIntermediateCA(cfg Configuration, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, ...) ([]byte, error)
func GenerateRootCA(cfg Configuration, privateKey *ecdsa.PrivateKey) ([]byte, error)
func NewIdentityCSRTemplate(deviceID string) (*x509.CertificateRequest, error)
func OidFromExtKeyUsage(eku x509.ExtKeyUsage) (oid asn1.ObjectIdentifier, ok bool)
type Configuration

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GenerateCSR ¶

func GenerateCSR(cfg Configuration, privateKey *ecdsa.PrivateKey) ([]byte, error)

GenerateCSR creates CSR according to configuration.

func GenerateCert ¶

func GenerateCert(cfg Configuration, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, signerCAKey *ecdsa.PrivateKey) ([]byte, error)

func GenerateIdentityCSR ¶

func GenerateIdentityCSR(cfg Configuration, deviceID string, privateKey *ecdsa.PrivateKey) ([]byte, error)

GenerateIdentityCSR creates identity CSR according to configuration.

func GenerateIdentityCert ¶

func GenerateIdentityCert(cfg Configuration, deviceID string, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, signerCAKey *ecdsa.PrivateKey) ([]byte, error)

func GenerateIntermediateCA ¶

func GenerateIntermediateCA(cfg Configuration, privateKey *ecdsa.PrivateKey, signerCA []*x509.Certificate, signerCAKey *ecdsa.PrivateKey) ([]byte, error)

func GenerateRootCA ¶

func GenerateRootCA(cfg Configuration, privateKey *ecdsa.PrivateKey) ([]byte, error)

func NewIdentityCSRTemplate ¶

func NewIdentityCSRTemplate(deviceID string) (*x509.CertificateRequest, error)

func OidFromExtKeyUsage ¶

func OidFromExtKeyUsage(eku x509.ExtKeyUsage) (oid asn1.ObjectIdentifier, ok bool)

Types ¶

type Configuration ¶

type Configuration struct {
	Subject struct {
		Country            []string `long:"c" description:"to set more values repeat option with parameter"`
		Organization       []string `long:"o" description:"to set more values repeat option with parameter"`
		OrganizationalUnit []string `long:"ou" description:"to set more values repeat option with parameter"`
		Locality           []string `long:"l" description:"to set more values repeat option with parameter"`
		CommonName         string   `long:"cn"`
		Province           []string `long:"p" description:"to set more values repeat option with parameter"`
		StreetAddress      []string `long:"sa" description:"to set more values repeat option with parameter"`
		PostalCode         []string `long:"pc" description:"to set more values repeat option with parameter"`
		SerialNumber       string   `long:"sn"`
	} `group:"Subject" namespace:"subject"`
	SubjectAlternativeName struct {
		DNSNames    []string `long:"domain" description:"to set more values repeat option with parameter"`
		IPAddresses []string `long:"ip" description:"to set more values repeat option with parameter"`
	} `group:"Subject Alternative Name" namespace:"san"`
	BasicConstraints struct {
		Ignore     bool `long:"ignore"  description:"bool, don't set basic constraints"`
		MaxPathLen int  `long:"maxPathLen" default:"-1"  description:"int, -1 means unlimited"`
	} `group:"Basic Constraints" namespace:"basicConstraints"`
	ValidFor           time.Duration `long:"validFor" default:"8760h" description:"duration, format in NUMh"`
	KeyUsages          []string      `long:"ku" default:"digitalSignature" default:"keyAgreement" description:"to set more values repeat option with parameter"`
	ExtensionKeyUsages []string      `long:"eku" default:"client" default:"server" description:"to set more values repeat option with parameter"`
}

func (Configuration) AsnExtensionKeyUsages ¶

func (cfg Configuration) AsnExtensionKeyUsages() ([]asn1.ObjectIdentifier, error)

func (Configuration) AsnKeyUsages ¶

func (cfg Configuration) AsnKeyUsages() (asn1.BitString, error)

func (Configuration) ToIPAddresses ¶

func (cfg Configuration) ToIPAddresses() ([]net.IP, error)

func (Configuration) ToPkixName ¶

func (cfg Configuration) ToPkixName() pkix.Name

func (Configuration) X509ExtKeyUsages ¶

func (cfg Configuration) X509ExtKeyUsages() ([]x509.ExtKeyUsage, []asn1.ObjectIdentifier, error)

func (Configuration) X509KeyUsages ¶

func (cfg Configuration) X509KeyUsages() (x509.KeyUsage, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL