CA defines a certificate authority that can generate certificates signed by it
type CA interface {
// CertBytes returns the certificate of the CA in PEM encoding.
// This is the CA's public certificate, which relying parties need in order
// to verify certificates signed by this CA. The interface has no method that
// returns the CA's private key.
CertBytes() []byte
// NewClientCertKeyPair returns a certificate and private key pair and a nil
// error, or nil and an error in case of failure.
// The certificate is signed by the CA and is used for TLS client authentication.
// The returned pair contains the private key, so handle it as secret material.
NewClientCertKeyPair() (*CertKeyPair, error)
// NewServerCertKeyPair returns a CertKeyPair and a nil error, or nil and an
// error in case of failure.
// The certificate is signed by the CA and carries the given host as a custom SAN.
// TLS clients match the server name against the SAN, so host should be the
// name or address the server is actually reached at.
// NOTE(review): whether host is validated, and whether it is emitted as a DNS
// or an IP SAN, is not visible from the interface — confirm in the implementation.
NewServerCertKeyPair(host string) (*CertKeyPair, error)
}
// NewCA returns a CA, or an error in case of failure.
// NOTE(review): the key algorithm, the certificate validity period and whether
// the CA private key is persisted anywhere are not stated on this page —
// confirm in the implementation before relying on it outside tests.
func NewCA() (CA, error)
CertKeyPair denotes a TLS certificate and corresponding key, both PEM encoded
type CertKeyPair struct {
// Cert is the certificate, PEM encoded
Cert []byte
// Key is the key corresponding to the certificate, PEM encoded.
// The CA method docs describe the pair as "certificate and private key", so
// this is secret material: keep it out of logs and error messages, and store
// it only with restrictive permissions.
Key []byte
// Signer is embedded, so its methods are promoted and a *CertKeyPair can be
// passed wherever a crypto.Signer is expected. Calling a promoted method
// panics if the embedded value is nil.
// NOTE(review): presumably backed by the same private key as Key — confirm.
crypto.Signer
// TLSCert is a parsed X.509 certificate.
// NOTE(review): presumably the parsed form of Cert — confirm.
TLSCert *x509.Certificate
}
func CertKeyPairFromString(privKey string, pubKey string) (*CertKeyPair, error)
CertKeyPairFromString converts the given base64-encoded strings into a CertKeyPair.
// PrivKeyString returns a string form of the pair's private key.
// NOTE(review): presumably the base64 encoding that CertKeyPairFromString
// accepts as privKey — confirm. Either way the result is secret key material
// and should not be logged or embedded in error messages.
func (p *CertKeyPair) PrivKeyString() string
// PubKeyString returns a string form of the pair's public part.
// NOTE(review): this page does not say whether that is the PEM certificate
// (Cert) or a bare public key, nor the encoding — presumably the base64 form
// that CertKeyPairFromString accepts as pubKey; confirm.
func (p *CertKeyPair) PubKeyString() string