easypki

package

v1.1.0 Latest Latest Go to latest Published: Feb 15, 2017 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Package easypki provides helpers to manage a Public Key Infrastructure.

This section is empty.

View Source

var (
	ErrCannotSelfSignNonCA = errors.New("cannot self sign non CA request")
	ErrMaxPathLenReached   = errors.New("max path len reached")
)

Signing errors.

This section is empty.

type EasyPKI struct {
	Store store.Store
}

EasyPKI wraps helpers to handle a Public Key Infrastructure.

func (e *EasyPKI) CRL(caName string, expire time.Time) ([]byte, error)

CRL builds a CRL for a given CA based on the revoked certs.

func (e *EasyPKI) GetBundle(caName, name string) (*certificate.Bundle, error)

GetBundle fetches and returns a certificate bundle from the store.

func (e *EasyPKI) GetCA(name string) (*certificate.Bundle, error)

GetCA fetches and returns the named Certificate Authrority bundle from the store.

func (e *EasyPKI) Revoke(caName string, cert *x509.Certificate) error

Revoke revokes the given certificate from the store.

func (e *EasyPKI) Sign(signer *certificate.Bundle, req *Request) error

Sign signs a generated certificate bundle based on the given request with the given signer.

type Request struct {
	Name                string
	IsClientCertificate bool
	PrivateKeySize      int
	Template            *x509.Certificate
}

Request is a struct for providing configuration to GenerateCertificate when actioning a certification generation request.