x509svid

Documentation

Index

• Constants
• func ParseAndValidateCSR(csrDER []byte, validationMode idutil.ValidationMode) (csr *x509.CertificateRequest, err error)
• func ValidateCSR(csr *x509.CertificateRequest, validationMode idutil.ValidationMode) error
• type UpstreamCA
  • func NewUpstreamCA(keypair x509util.Keypair, trustDomain string, options UpstreamCAOptions) *UpstreamCA
  • func (ca *UpstreamCA) SignCSR(ctx context.Context, csrDER []byte, preferredTTL time.Duration) (*x509.Certificate, error)
• type UpstreamCAOptions

Constants

const (
	DefaultUpstreamCABackdate = time.Second * 10
	DefaultUpstreamCATTL      = time.Hour
)

Functions

func ParseAndValidateCSR

func ParseAndValidateCSR(csrDER []byte, validationMode idutil.ValidationMode) (csr *x509.CertificateRequest, err error)

func ValidateCSR

func ValidateCSR(csr *x509.CertificateRequest, validationMode idutil.ValidationMode) error

Types

type UpstreamCA

type UpstreamCA struct {
	// contains filtered or unexported fields
}

func NewUpstreamCA

func NewUpstreamCA(keypair x509util.Keypair, trustDomain string, options UpstreamCAOptions) *UpstreamCA

func (*UpstreamCA) SignCSR

func (ca *UpstreamCA) SignCSR(ctx context.Context, csrDER []byte, preferredTTL time.Duration) (*x509.Certificate, error)

type UpstreamCAOptions

type UpstreamCAOptions struct {
	Backdate time.Duration
	Clock    clock.Clock
}