certkit

package module

v0.0.0-...-4fca628 Latest Latest Go to latest Published: Sep 5, 2024 License: MPL-2.0 Imports: 22 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/luisfurquim/stonelizard

Documentation ¶

Index ¶

Constants
Variables
func SetCreatePolicy(policy byte) error
type CertKit
- func New(srvsubject, casubject pkix.Name, host, email string) (*CertKit, error)
- func NewFromCK(path string) (*CertKit, error)
type CertkitG

Constants ¶

View Source

const (
	PolicyCreateCertAsPending byte = iota
	PolicyCreateCertAsTrusted
)

Variables ¶

View Source

var CertDirectories = []string{
	"/etc/ssl/certs",
}

View Source

var ErrInvalidPolicy error = errors.New("Error invalid policy")

View Source

var ErrorCertsMustHaveKeys error = errors.New("Either provide both certificate and key or none of them")

View Source

var ErrorDuplicateFile error = errors.New("Error duplicate file")

View Source

var ErrorUnauthorized error = errors.New("Unauthorized access attempt")

Functions ¶

func SetCreatePolicy ¶

func SetCreatePolicy(policy byte) error

Types ¶

type CertKit ¶

type CertKit struct {
	Path                     string
	ServerCertPem, CACertPem []byte
	ServerCert, CACert       *x509.Certificate
	ServerKeyPem, CAKeyPem   []byte
	ServerKey, CAKey         *rsa.PrivateKey
	CACRL                    []byte
	CertPool                 *x509.CertPool
	UserCerts                map[string]*x509.Certificate
	ServerX509KeyPair        tls.Certificate
}

func New ¶

func New(srvsubject, casubject pkix.Name, host, email string) (*CertKit, error)

func NewFromCK ¶

func NewFromCK(path string) (*CertKit, error)

func (*CertKit) AddUserData ¶

func (ck *CertKit) AddUserData(usrKey string, ClientCert *x509.Certificate) error

func (*CertKit) Authorize ¶

func (ck *CertKit) Authorize(path string, parms map[string]interface{}, RemoteAddr string, TLS *tls.ConnectionState, SavePending func(interface{}) error) (httpstat int, data interface{}, err error)

func (*CertKit) Delete ¶

func (ck *CertKit) Delete(tree, id string) error

func (*CertKit) Drop ¶

func (ck *CertKit) Drop(id string) error

func (*CertKit) GenerateCA ¶

func (crtkit *CertKit) GenerateCA(subject pkix.Name, host, email string, listenport ...string) error

func (*CertKit) GenerateClient ¶

func (crtkit *CertKit) GenerateClient(subject pkix.Name, email, password string) ([]byte, []byte, error)

func (*CertKit) GenerateServer ¶

func (crtkit *CertKit) GenerateServer(subject pkix.Name, host, email string, NotBefore ...time.Time) error

func (*CertKit) GetCACert ¶

func (ck *CertKit) GetCACert() *x509.Certificate

func (*CertKit) GetCAKey ¶

func (ck *CertKit) GetCAKey() *rsa.PrivateKey

func (*CertKit) GetCertPool ¶

func (ck *CertKit) GetCertPool() *x509.CertPool

func (*CertKit) GetDNSNames ¶

func (ck *CertKit) GetDNSNames() []string

func (*CertKit) GetPending ¶

func (ck *CertKit) GetPending() (map[string]interface{}, error)

func (*CertKit) GetServerCert ¶

func (ck *CertKit) GetServerCert() *x509.Certificate

func (*CertKit) GetServerKey ¶

func (ck *CertKit) GetServerKey() *rsa.PrivateKey

func (*CertKit) GetServerX509KeyPair ¶

func (ck *CertKit) GetServerX509KeyPair() tls.Certificate

func (*CertKit) GetTLSConfig ¶

func (ck *CertKit) GetTLSConfig(Access uint8) (*tls.Config, error)

func (ck *CertKit) GetTLSConfig(AuthRequired bool) (*tls.Config, error) {

func (*CertKit) GetTrusted ¶

func (ck *CertKit) GetTrusted() (map[string]interface{}, error)

func (*CertKit) LoadUserData ¶

func (ck *CertKit) LoadUserData() error

func (CertKit) ReadCRL ¶

func (crtkit CertKit) ReadCRL(fname string) ([]byte, error)

Load in memory the Certificate Revogation List from the PemPath field of Service struct

func (CertKit) ReadCertFromReader ¶

func (crtkit CertKit) ReadCertFromReader(r io.Reader) (*x509.Certificate, []byte, error)

Load in memory and decodes the microservice certificate from the PemPath field of Service struct

func (CertKit) ReadCertificate ¶

func (crtkit CertKit) ReadCertificate(fname string) (*x509.Certificate, []byte, error)

Open certificate file and call the reader

func (CertKit) ReadDecryptRsaPrivKey ¶

func (crtkit CertKit) ReadDecryptRsaPrivKey(fname string) (*rsa.PrivateKey, []byte, error)

func (CertKit) ReadDecryptRsaPrivKeyFromReader ¶

func (crtkit CertKit) ReadDecryptRsaPrivKeyFromReader(r io.Reader) (*rsa.PrivateKey, []byte, error)

func (CertKit) ReadRsaPrivKey ¶

func (crtkit CertKit) ReadRsaPrivKey(fname string) (*rsa.PrivateKey, []byte, error)

func (CertKit) ReadRsaPrivKeyFromReader ¶

func (crtkit CertKit) ReadRsaPrivKeyFromReader(r io.Reader) (*rsa.PrivateKey, []byte, error)

func (*CertKit) Reject ¶

func (ck *CertKit) Reject(id string) error

func (*CertKit) SavePending ¶

func (ck *CertKit) SavePending(cert *x509.Certificate) error

func (CertKit) ServeHTTP ¶

func (svc CertKit) ServeHTTP(w http.ResponseWriter, r *http.Request)

func (*CertKit) Setup ¶

func (ck *CertKit) Setup(udata map[string]interface{}) error

func (*CertKit) StartCRLServer ¶

func (ck *CertKit) StartCRLServer(listenAddress string, listener *stonelizard.StoppableListener) error

func (*CertKit) Trust ¶

func (ck *CertKit) Trust(id string) error

type CertkitG ¶

type CertkitG struct {
	Generator goose.Alert `json:"Generator"`
	Loader    goose.Alert `json:"Loader"`
	Serve     goose.Alert `json:"Serve"`
	Auth      goose.Alert `json:"Auth"`
}

var Goose CertkitG

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL