Version: v2.14.13+incompatible Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Apr 2, 2021 License: Apache-2.0 Imports: 13 Imported by: 148



Package triple generates key-certificate pairs for the triple (CA, Server, Client).



View Source
const (
	RSAPrivateKeyBlockType = "RSA PRIVATE KEY"
	// ECPrivateKeyBlockType is a possible value for pem.Block.Type.
	ECPrivateKeyBlockType = "EC PRIVATE KEY"
	PrivateKeyBlockType   = "PRIVATE KEY"
	CertificateBlockType  = "CERTIFICATE"


This section is empty.


func EncodeCertPEM

func EncodeCertPEM(cert *x509.Certificate) []byte

EncodeCertPEM returns PEM-endcoded certificate data

func EncodePrivateKeyPEM

func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte

EncodePrivateKeyPEM returns PEM-encoded private key data

func NewPrivateKey

func NewPrivateKey() (*rsa.PrivateKey, error)

NewPrivateKey creates an RSA private key

func NewSignedCert

func NewSignedCert(cfg certutil.Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error)

NewSignedCert creates a signed certificate using the given CA certificate and key

func ParseCertsPEM

func ParseCertsPEM(pemCerts []byte) ([]*x509.Certificate, error)

ParseCertsPEM returns the x509.Certificates contained in the given PEM-encoded byte array Returns an error if a certificate could not be parsed, or if the data does not contain any certificates

func ParsePrivateKeyPEM

func ParsePrivateKeyPEM(keyData []byte) (interface{}, error)

ParsePrivateKeyPEM returns a private key parsed from a PEM block in the supplied data. Recognizes PEM blocks for "EC PRIVATE KEY", "RSA PRIVATE KEY", or "PRIVATE KEY"


type KeyPair

type KeyPair struct {
	Key  *rsa.PrivateKey
	Cert *x509.Certificate

func NewCA

func NewCA(name string) (*KeyPair, error)

func NewClientKeyPair

func NewClientKeyPair(ca *KeyPair, commonName string, organizations []string) (*KeyPair, error)

func NewServerKeyPair

func NewServerKeyPair(ca *KeyPair, commonName, svcName, svcNamespace, dnsDomain string, ips, hostnames []string) (*KeyPair, error)

func ParseRSAKeyPair

func ParseRSAKeyPair(certPEM, keyPEM []byte) (*KeyPair, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL