defs.go
package certkitetcd
import (
"time"
"errors"
"regexp"
"crypto/tls"
"crypto/rsa"
"crypto/x509"
"github.com/luisfurquim/goose"
// etcd "github.com/coreos/etcd/client"
// etcd "github.com/etcd-io/etcd/client/v2"
// etcd "github.com/etcd-io/etcd/client/v3"
etcd "go.etcd.io/etcd/client/v2"
)
// UserDB is the per-user record stored in CertKit.UserCerts and
// CertKit.PendingCerts. It currently carries only the user's parsed
// X.509 certificate.
type UserDB struct {
	// Cert is the parsed certificate for this user; nil in the zero value.
	Cert *x509.Certificate
}
// CertKit bundles the etcd client handle with the certificate and key
// material of a CA and a server, in both PEM-encoded and parsed form,
// plus the maps of known and pending user certificates.
//
// NOTE(review): the CA and server private keys are held in exported
// fields (CAKey, CAKeyPem, ServerKey, ServerKeyPem). Avoid logging,
// marshalling or otherwise dumping a CertKit value as a whole.
type CertKit struct {
	// Etcdcli is the etcd v2 client used by this kit.
	Etcdcli etcd.Client
	// Etcdkey is presumably the etcd key (or key prefix) the kit works
	// under; confirm against the loader code.
	Etcdkey string
	// Path is presumably a filesystem location for certificate files;
	// confirm against the loader code.
	Path string

	// PEM-encoded certificates.
	ServerCertPem []byte
	CACertPem     []byte

	// Parsed certificates.
	ServerCert *x509.Certificate
	CACert     *x509.Certificate

	// PEM-encoded private keys (sensitive).
	ServerKeyPem []byte
	CAKeyPem     []byte

	// Parsed RSA private keys (sensitive).
	ServerKey *rsa.PrivateKey
	CAKey     *rsa.PrivateKey

	// CACRL presumably holds the CA's certificate revocation list; the
	// encoding is not visible here.
	CACRL []byte
	// CertPool is the certificate pool used by this kit.
	CertPool *x509.CertPool

	// UserCerts and PendingCerts map a string key to a user record. The
	// key's meaning and the accepted/pending split are inferred from the
	// field names; verify against the code that fills them.
	UserCerts    map[string]*UserDB
	PendingCerts map[string]*UserDB

	// ServerX509KeyPair is the server certificate and key as a
	// tls.Certificate value.
	ServerX509KeyPair tls.Certificate

	// Compiled patterns, presumably matched against etcd keys.
	etcdCertKeyRE   *regexp.Regexp
	etcdDeleteKeyRE *regexp.Regexp

	// Expiry instants, presumably the NotAfter values for the CA,
	// client and server certificates.
	notAfterCA     time.Time
	notAfterClient time.Time
	notAfterServer time.Time
}
// CertkitG groups one goose.Alert value per area of the package
// (generator, loader, serve, auth). The JSON tags let the set be
// read from or written to a JSON document.
type CertkitG struct {
	Generator goose.Alert `json:"Generator"`
	Loader    goose.Alert `json:"Loader"`
	Serve     goose.Alert `json:"Serve"`
	Auth      goose.Alert `json:"Auth"`
}

// Goose is the package-wide CertkitG instance. It is an exported,
// mutable variable, so any importing package can change it.
var Goose CertkitG
// Sentinel errors returned by this package. Compare against them with
// errors.Is (or ==) rather than by message text. They are exported
// variables, so callers must not reassign them.
var (
	// ErrorCertsMustHaveKeys reports a certificate supplied without its
	// key, or a key supplied without its certificate.
	ErrorCertsMustHaveKeys = errors.New("Either provide both certificate and key or none of them")

	// ErrorUnauthorized reports an access attempt that was not authorized.
	ErrorUnauthorized = errors.New("Unauthorized access attempt")

	// ErrorNoEtcdHandler and ErrorNoEtcdKey report a missing etcd
	// handler or etcd key.
	ErrorNoEtcdHandler = errors.New("No etcd handler provided")
	ErrorNoEtcdKey     = errors.New("No etcd key provided")

	// ErrorBadEtcdHandler and ErrorBadEtcdKey report an etcd handler or
	// etcd key that was supplied but rejected.
	ErrorBadEtcdHandler = errors.New("Bad etcd handler provided")
	ErrorBadEtcdKey     = errors.New("Bad etcd key provided")

	// ErrorBadPEMBlock reports a PEM block that could not be used.
	ErrorBadPEMBlock = errors.New("Bad PEM block")

	// ErrorValidDate reports a certificate that has expired or is not
	// yet valid.
	ErrorValidDate = errors.New("Failed certificate has expired or not yet valid date")
)
// Durations for the three certificate classes, presumably the validity
// period given to newly issued certificates (confirm at the point of
// issuance). They are exported variables and can be overridden by the
// importing program.
//
// NOTE(review): ClientTime is ten years, ten times ServerTime. With
// client certificates that long-lived, access removal depends on
// revocation being published and actually checked; consider a shorter
// default if that is not guaranteed.
var (
	// ServerTime is 365 days.
	ServerTime = 365 * 24 * time.Hour
	// ClientTime is 3650 days.
	ClientTime = 3650 * 24 * time.Hour
	// CaTime is 20 periods of 365 days.
	CaTime = 20 * 365 * 24 * time.Hour
)