Versions in this module Expand all Collapse all v0 v0.2.8 Mar 23, 2020 Changes in this version type PKI + func (p *PKI) ExtractGroups(cert *x509.Certificate) (groups *[]string, err error) v0.2.5 Mar 9, 2020 Changes in this version + const CertFileExtension + const DefaultExpireYears + const DefaultKeySizeBytes + const LockPeriod + const LockTimeout + const PEMCertificateBlock + const PEMRSAPrivateKeyBlock + const PEMx509CRLBlock + type CRLHolder interface + Get func() (*pkix.CertificateList, error) + Put func([]byte) error + type DirKeyStorage struct + func NewDirKeyStorage(keydir string) *DirKeyStorage + func (s *DirKeyStorage) DeleteByCn(cn string) error + func (s *DirKeyStorage) DeleteBySerial(serial *big.Int) error + func (s *DirKeyStorage) GetAll() ([]*X509Pair, error) + func (s *DirKeyStorage) GetByCN(cn string) ([]*X509Pair, error) + func (s *DirKeyStorage) GetBySerial(serial *big.Int) (*X509Pair, error) + func (s *DirKeyStorage) GetLastByCn(cn string) (*X509Pair, error) + func (s *DirKeyStorage) Put(pair *X509Pair) error + type FileCRLHolder struct + func NewFileCRLHolder(path string) *FileCRLHolder + func (h *FileCRLHolder) Get() (*pkix.CertificateList, error) + func (h *FileCRLHolder) Put(content []byte) error + type FileSerialProvider struct + func NewFileSerialProvider(path string) *FileSerialProvider + func (p *FileSerialProvider) Next() (*big.Int, error) + type KeyStorage interface + DeleteByCn func(cn string) error + DeleteBySerial func(serial *big.Int) error + GetAll func() ([]*X509Pair, error) + GetByCN func(cn string) ([]*X509Pair, error) + GetBySerial func(serial *big.Int) (*X509Pair, error) + GetLastByCn func(cn string) (*X509Pair, error) + Put func(pair *X509Pair) error + type NotExist struct + func NewNotExist(err string) *NotExist + func (e *NotExist) Error() string + type PKI struct + Storage KeyStorage + func NewPKI(storage KeyStorage, sp SerialProvider, crlHolder CRLHolder, ...) *PKI + func (p *PKI) GetCRL() (*pkix.CertificateList, error) + func (p *PKI) GetLastCA() (*X509Pair, error) + func (p *PKI) IsRevoked(serial *big.Int) bool + func (p *PKI) NewCa() (*X509Pair, error) + func (p *PKI) NewCert(cn string, server bool, groups ...string) (*X509Pair, error) + func (p *PKI) RevokeAllByCN(cn string) error + func (p *PKI) RevokeOne(serial *big.Int) error + type SerialProvider interface + Next func() (*big.Int, error) + type X509Pair struct + CN string + CertPemBytes []byte + KeyPemBytes []byte + Serial *big.Int + func NewX509Pair(keyPemBytes []byte, certPemBytes []byte, CN string, serial *big.Int) *X509Pair + func (pair *X509Pair) Decode() (key *rsa.PrivateKey, cert *x509.Certificate, err error)