Documentation
¶
Index ¶
- Constants
- Variables
- func CreateCertificateWithIssuer(keyPair KeyPair, certOpts ...CertificateOption) (*x509.Certificate, error)
- func CreateSelfSignedRootCertificate(keyPair KeyPair, certOpts ...CertificateOption) (*x509.Certificate, error)
- func EncodeCertificateChain(out io.Writer, certificates []*x509.Certificate) (err error)
- func EncodePKCS1PrivateKey(out io.Writer, privateKey any) (err error)
- func EncodePKCS8PrivateKey(out io.Writer, privateKey any) (err error)
- func EncodePKCS8PublicKey(out io.Writer, publicKey any) (err error)
- type CertificateOption
- func WithCA(isCA bool) CertificateOption
- func WithDomains(domains []string) CertificateOption
- func WithIPs(ips []string) CertificateOption
- func WithIssuer(issuer *x509.Certificate) CertificateOption
- func WithIssuerPrivateKey(issuerPrivateKey any) CertificateOption
- func WithNotAfter(notAfter time.Time) CertificateOption
- func WithNotBefore(notBefore time.Time) CertificateOption
- func WithSerialNumber(serialNumber *big.Int) CertificateOption
- func WithSubject(subject string) CertificateOption
- func WithVersion(version int) CertificateOption
- type KeyAlgorithm
- type KeyGenerator
- type KeyOption
- type KeyPair
- type KeyPairGenerator
Constants ¶
const (
	// MaxTLSHours is 825 days expressed in hours.
	//
	// NOTE(review): 825 days was the CA/Browser Forum Baseline Requirements
	// ceiling for TLS certificates until September 2020. Publicly trusted leaf
	// certificates have been limited to 398 days since then. How this constant
	// is applied is not shown here (presumably as a cap on validity; confirm
	// against the implementation). Pass a shorter WithNotAfter when a
	// certificate must satisfy current client lifetime limits.
	MaxTLSHours = 825 * 24 // 825 days
	// MaxCAHours is 20 years, counted as 365-day years, expressed in hours.
	MaxCAHours = 20 * 365 * 24 // 20 years
)
Variables ¶
// Sentinel errors for certificate creation. Compare with errors.Is rather than
// by message text.
var (
	// ErrInvalidCertOptions reports that the supplied certificate options are invalid.
	ErrInvalidCertOptions = errors.New("invalid certificate options")
	// ErrEmptyPublicKey reports that a public key was empty.
	ErrEmptyPublicKey = errors.New("empty public key")
)
// Sentinel errors for key handling. Compare with errors.Is rather than by
// message text.
var (
	// ErrUnknownPrivateKey reports a private key of an unrecognised kind.
	ErrUnknownPrivateKey = errors.New("unknown private key")
	// ErrUnknownAlgorithm reports an unsupported key algorithm.
	ErrUnknownAlgorithm = errors.New("unknown algorithm")
)
var (
	// DomainValidated is the certificate policy identifier 2.23.140.1.2.1.
	//
	// Certificate issued in compliance with the TLS Baseline Requirements – No entity identity asserted
	//
	// NOTE(review): whether this OID is written into certificates created by
	// this package is not visible here. Confirm before use: a certificate that
	// carries it asserts Baseline Requirements compliance, which a privately
	// operated or test CA generally cannot claim.
	DomainValidated = asn1.ObjectIdentifier{2, 23, 140, 1, 2, 1}
)
Functions ¶
func CreateCertificateWithIssuer ¶ added in v1.3.0
func CreateCertificateWithIssuer(keyPair KeyPair, certOpts ...CertificateOption) (*x509.Certificate, error)
CreateCertificateWithIssuer creates a certificate signed by the specified issuer.
func CreateSelfSignedRootCertificate ¶ added in v1.1.0
func CreateSelfSignedRootCertificate(keyPair KeyPair, certOpts ...CertificateOption) (*x509.Certificate, error)
CreateSelfSignedRootCertificate creates a self-signed root certificate.
func EncodeCertificateChain ¶
func EncodeCertificateChain(out io.Writer, certificates []*x509.Certificate) (err error)
Types ¶
type CertificateOption ¶ added in v1.1.0
// CertificateOption is an option accepted by CreateCertificateWithIssuer and
// CreateSelfSignedRootCertificate. Values of this type are returned by the
// With* functions (WithCA, WithDomains, WithIPs, WithIssuer, ...).
//
// NOTE(review): WithCA(true) presumably marks the certificate as able to sign
// other certificates. Confirm this, and set it only on certificates meant to
// act as an issuer.
type CertificateOption interface {
	// contains filtered or unexported methods
}
func WithCA ¶ added in v1.1.0
func WithCA(isCA bool) CertificateOption
func WithDomains ¶ added in v1.1.0
func WithDomains(domains []string) CertificateOption
func WithIPs ¶ added in v1.1.0
func WithIPs(ips []string) CertificateOption
func WithIssuer ¶ added in v1.1.0
func WithIssuer(issuer *x509.Certificate) CertificateOption
func WithIssuerPrivateKey ¶ added in v1.1.0
func WithIssuerPrivateKey(issuerPrivateKey any) CertificateOption
func WithNotAfter ¶ added in v1.1.0
func WithNotAfter(notAfter time.Time) CertificateOption
func WithNotBefore ¶ added in v1.1.0
func WithNotBefore(notBefore time.Time) CertificateOption
func WithSerialNumber ¶ added in v1.1.0
func WithSerialNumber(serialNumber *big.Int) CertificateOption
func WithSubject ¶ added in v1.1.0
func WithSubject(subject string) CertificateOption
func WithVersion ¶ added in v1.1.0
func WithVersion(version int) CertificateOption
type KeyAlgorithm ¶ added in v1.3.0
// KeyAlgorithm identifies a key algorithm. Its underlying type is int8.
type KeyAlgorithm int8

// Each constant occupies its own bit: RSA = 1, ECDSA = 2, ED25519 = 4.
// The zero value of KeyAlgorithm matches none of them.
const (
	RSA KeyAlgorithm = 1 << iota
	ECDSA
	ED25519
)
func ParseKeyAlgorithm ¶ added in v1.3.0
func ParseKeyAlgorithm(text string) (KeyAlgorithm, error)
func (KeyAlgorithm) MarshalText ¶ added in v1.3.0
func (l KeyAlgorithm) MarshalText() ([]byte, error)
MarshalText marshals the KeyAlgorithm to text.
func (KeyAlgorithm) String ¶ added in v1.3.0
func (k KeyAlgorithm) String() string
func (*KeyAlgorithm) UnmarshalText ¶ added in v1.3.0
func (l *KeyAlgorithm) UnmarshalText(text []byte) error
UnmarshalText unmarshals text into a KeyAlgorithm. It is the counterpart of MarshalText.
type KeyGenerator ¶ added in v1.3.0
type KeyGenerator func(opts keyOptions) (crypto.PrivateKey, error)
func GetKeyGenerator ¶ added in v1.3.0
func GetKeyGenerator(keyType KeyAlgorithm) KeyGenerator
type KeyOption ¶ added in v1.1.0
// KeyOption is an option accepted by GetKeyPairGenerator. WithKeySize and
// WithRandom are listed under this type.
//
// NOTE(review): WithRandom presumably replaces the generator's randomness
// source; its signature is not shown here. If so, anything other than a
// cryptographically secure source (crypto/rand) produces predictable keys
// and belongs only in tests. Confirm against the implementation.
type KeyOption interface {
	// contains filtered or unexported methods
}
func WithKeySize ¶ added in v1.1.0
func WithRandom ¶ added in v1.1.0
type KeyPair ¶
// KeyPair holds a public key together with a private key.
type KeyPair struct {
	// PublicKey is the public half of the pair.
	PublicKey crypto.PublicKey
	// PrivateKey is secret key material held in an exported field. Printing or
	// serialising a KeyPair (for example with %+v) exposes it, so keep values of
	// this type out of logs and error messages.
	// NOTE(review): EncodePKCS1PrivateKey and EncodePKCS8PrivateKey take no
	// passphrase parameter, so their output is presumably unencrypted. Confirm,
	// and restrict permissions on wherever it is written.
	PrivateKey crypto.PrivateKey
}
func NewKeyPair ¶
type KeyPairGenerator ¶
func GetKeyPairGenerator ¶
func GetKeyPairGenerator(algorithm KeyAlgorithm, opts ...KeyOption) (KeyPairGenerator, error)
GetKeyPairGenerator returns a KeyPairGenerator. The following algorithms are currently supported: ECDSA, RSA, ED25519. An unsupported key algorithm returns an ErrUnknownAlgorithm error.