truststore

Version: v0.10.0
Published: Nov 29, 2021 License: Apache-2.0 Imports: 17 Imported by: 17

README

truststore

Package to locally install development certificates.

Based on https://github.com/FiloSottile/mkcert

Documentation

Index

Constants

This section is empty.

Variables

var (
	// ErrNotSupported is the error to indicate that the install of the
	// certificate is not supported on the system.
	ErrNotSupported = errors.New("install is not supported on this system")

	// ErrNotFound is the error to indicate that a cert was not found.
	ErrNotFound = errors.New("no certs found")

	// ErrInvalidCertificate is the error to indicate that a cert contains bad data.
	ErrInvalidCertificate = errors.New("invalid PEM data")

	// ErrTrustExists is the error returned when a trust already exists.
	ErrTrustExists = errors.New("trust already exists")

	// ErrTrustNotFound is the error returned when a trust does not exist.
	ErrTrustNotFound = errors.New("trust does not exists")

	// ErrTrustNotSupported is the error returned when a trust is not supported.
	ErrTrustNotSupported = errors.New("trust not supported")
)
var (
	// NSSProfile is the path of the Firefox profiles.
	NSSProfile = os.Getenv("HOME") + "/.mozilla/firefox/*"

	// CertutilInstallHelp is the command to run on linux to add NSS support.
	CertutilInstallHelp = `apt install libnss3-tools" or "yum install nss-tools`

	// SystemTrustFilename is the format used to name the root certificates.
	SystemTrustFilename string

	// SystemTrustCommand is the command used to update the system truststore.
	SystemTrustCommand []string
)
var JavaStorePass = "changeit"

JavaStorePass is the default store password of the keystore.

Functions

func CommandWithSudo

func CommandWithSudo(cmd ...string) *exec.Cmd

func Install

func Install(cert *x509.Certificate, opts ...Option) error

Install installs the given certificate into the system truststore, and optionally into the Firefox and Java truststores.

func InstallFile

func InstallFile(filename string, opts ...Option) error

InstallFile will read the certificate in the given file and install it to the system truststore, and optionally to the Firefox and Java truststores.

func ReadCertificate

func ReadCertificate(filename string) (*x509.Certificate, error)

ReadCertificate reads a certificate file and returns an x509.Certificate struct.

func SaveCertificate

func SaveCertificate(filename string, cert *x509.Certificate) error

SaveCertificate saves the given x509.Certificate with the given filename.

func Uninstall

func Uninstall(cert *x509.Certificate, opts ...Option) error

Uninstall removes the given certificate from the system truststore, and optionally from the Firefox and Java truststores.

func UninstallFile

func UninstallFile(filename string, opts ...Option) error

UninstallFile reads the certificate in the given file and removes it from the system truststore, and optionally from the Firefox and Java truststores.

Types

type CmdError

type CmdError struct {
	// contains filtered or unexported fields
}

CmdError is the error used when an executable fails.

func NewCmdError

func NewCmdError(err error, cmd *exec.Cmd, out []byte) *CmdError

NewCmdError creates a new CmdError.

func (*CmdError) Cmd

func (e *CmdError) Cmd() *exec.Cmd

Cmd returns the command executed.

func (*CmdError) Err

func (e *CmdError) Err() error

Err returns the internal error.

func (*CmdError) Error

func (e *CmdError) Error() string

Error implements the error interface.

func (*CmdError) Out

func (e *CmdError) Out() []byte

Out returns the output of the command.

type JavaTrust

type JavaTrust struct {
	// contains filtered or unexported fields
}

JavaTrust implements a Trust for the Java runtime.

func NewJavaTrust

func NewJavaTrust() (*JavaTrust, error)

NewJavaTrust initializes a new JavaTrust if the environment has java installed.

func (*JavaTrust) Exists

func (t *JavaTrust) Exists(cert *x509.Certificate) bool

Exists implements the Trust interface.

func (*JavaTrust) Install

func (t *JavaTrust) Install(filename string, cert *x509.Certificate) error

Install implements the Trust interface.

func (*JavaTrust) Name

func (t *JavaTrust) Name() string

Name implements the Trust interface.

func (*JavaTrust) PreCheck

func (t *JavaTrust) PreCheck() error

PreCheck implements the Trust interface.

func (*JavaTrust) Uninstall

func (t *JavaTrust) Uninstall(filename string, cert *x509.Certificate) error

Uninstall implements the Trust interface.

type NSSTrust

type NSSTrust struct {
	// contains filtered or unexported fields
}

NSSTrust implements a Trust for Firefox or other NSS based applications.

func NewNSSTrust

func NewNSSTrust() (*NSSTrust, error)

NewNSSTrust creates a new NSSTrust.

func (*NSSTrust) Exists

func (t *NSSTrust) Exists(cert *x509.Certificate) bool

Exists implements the Trust interface. Exists checks if the certificate is already installed.

func (*NSSTrust) Install

func (t *NSSTrust) Install(filename string, cert *x509.Certificate) error

Install implements the Trust interface.

func (*NSSTrust) Name

func (t *NSSTrust) Name() string

Name implements the Trust interface.

func (*NSSTrust) PreCheck

func (t *NSSTrust) PreCheck() error

PreCheck implements the Trust interface.

func (*NSSTrust) Uninstall

func (t *NSSTrust) Uninstall(filename string, cert *x509.Certificate) (err error)

Uninstall implements the Trust interface.

type Option

type Option func(*options)

Option is the type used to pass custom options.

func WithDebug

func WithDebug() Option

WithDebug enables debug logging messages.

func WithFirefox

func WithFirefox() Option

WithFirefox enables the install or uninstall of a certificate in the Firefox truststore.

func WithJava

func WithJava() Option

WithJava enables the install or uninstall of a certificate in the Java truststore.

func WithNoSystem

func WithNoSystem() Option

WithNoSystem disables the install or uninstall of a certificate in the system truststore.

func WithPrefix

func WithPrefix(s string) Option

WithPrefix sets a custom prefix for the truststore name.

func WithTrust

func WithTrust(t Trust) Option

WithTrust enables the given trust.

type Trust

type Trust interface {
	Name() string
	Install(filename string, cert *x509.Certificate) error
	Uninstall(filename string, cert *x509.Certificate) error
	Exists(cert *x509.Certificate) bool
	PreCheck() error
}

Trust is the interface that non-system truststores implement to add and remove a certificate from their truststore. Right now there are two implementations of Trust: NSS (Firefox) and Java.
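A custom trust with the same method set as the Trust interface above, of the kind that could be passed to WithTrust; this is an added example, not code from the package. DirTrust is a hypothetical type, the two sentinel errors are redeclared locally with the messages documented above so the block compiles without importing the module, and returning them from Install and Uninstall is an assumption about how a custom trust should signal those states.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
	"os"
	"path/filepath"
)

// Local copies of the package's sentinel errors so this compiles stand-alone.
var ErrTrustExists = errors.New("trust already exists")
var ErrTrustNotFound = errors.New("trust does not exists")

// DirTrust (hypothetical) keeps each trusted root as <sha256>.pem inside Dir.
type DirTrust struct{ Dir string }
func (t *DirTrust) Name() string { return "dir" }
func (t *DirTrust) PreCheck() error {
	_, err := os.ReadDir(t.Dir) // fails if Dir is missing or unreadable
	return err
}
func (t *DirTrust) path(c *x509.Certificate) string {
	return filepath.Join(t.Dir, fmt.Sprintf("%x.pem", sha256.Sum256(c.Raw)))
}

// Exists compares the stored DER bytes, not only the file name.
func (t *DirTrust) Exists(c *x509.Certificate) bool {
	data, err := os.ReadFile(t.path(c))
	block, _ := pem.Decode(data)
	return err == nil && block != nil && bytes.Equal(block.Bytes, c.Raw)
}

// Install and Uninstall ignore filename and work from the parsed certificate.
func (t *DirTrust) Install(_ string, c *x509.Certificate) error {
	if t.Exists(c) {
		return ErrTrustExists
	}
	b := &pem.Block{Type: "CERTIFICATE", Bytes: c.Raw}
	return os.WriteFile(t.path(c), pem.EncodeToMemory(b), 0o644)
}
func (t *DirTrust) Uninstall(_ string, c *x509.Certificate) error {
	if !t.Exists(c) {
		return ErrTrustNotFound
	}
	return os.Remove(t.path(c))
}
func main() { fmt.Println((&DirTrust{Dir: os.TempDir()}).PreCheck()) }
```

Naming the file after the certificate's SHA-256 fingerprint and re-checking the stored bytes in Exists means a file that was replaced on disk is not reported as the trusted certificate.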

Directories

Path Synopsis
cmd