package pki
import (
"crypto/ed25519"
"crypto/x509"
"crypto/x509/pkix"
"math/big"
"net"
"time"
)
// CertOptions collects the settings that the CertOption functions in this
// file populate. How the fields are turned into a certificate is decided by
// the consuming code, which is not part of this file.
type CertOptions struct {
	// NotAfter and NotBefore bound the validity window (set by the NotAfter
	// and NotBefore options).
	NotAfter  time.Time
	NotBefore time.Time
	// Parent is presumably the issuing certificate, with nil meaning
	// self-signed; no option in this file sets it. TODO confirm against the
	// consumer.
	Parent *x509.Certificate
	// SerialNumber is stored as the caller's pointer, not a copy.
	SerialNumber *big.Int
	Subject      pkix.Name
	// DNSNames and IPAddresses are the host names and addresses to sign into
	// the certificate (presumably as subject alternative names; confirm).
	DNSNames    []string
	IPAddresses []net.IP
	// Pub and Priv are set together by KeyPair. Priv is private key material
	// held in memory for as long as this struct is reachable.
	Pub  ed25519.PublicKey
	Priv ed25519.PrivateKey
	// IsCA is false unless the IsCA option is applied.
	IsCA bool
}
// CertOption is a functional option: a function that mutates the CertOptions
// it is handed. The constructors in this file each return one that sets a
// single field (KeyPair sets two).
type CertOption func(c *CertOptions)
// Subject returns an option that stores subject as the certificate subject
// name in CertOptions.Subject.
func Subject(subject pkix.Name) CertOption {
	apply := func(opts *CertOptions) {
		opts.Subject = subject
	}
	return apply
}
// IsCA returns an option that sets CertOptions.IsCA to true. There is no
// option here to clear the flag again; a certificate is a non-CA unless this
// option is applied.
//
// NOTE(review): a CA certificate can presumably issue further certificates,
// so callers should apply this only for intended signing roots or
// intermediates. How the flag is consumed is not visible in this file.
func IsCA() CertOption {
	markCA := func(opts *CertOptions) {
		opts.IsCA = true
	}
	return markCA
}
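// DNSNames returns an option that sets the host names to sign into the
// certificate.
//
// The names are copied when the option is built. A caller that passes an
// existing slice with DNSNames(list...) would otherwise share its backing
// array with the option, and a later write to that slice would silently
// change which names end up in the certificate. The copy is shared by every
// CertOptions the returned option is applied to.
//
// Calling DNSNames with no names sets the field to nil.
func DNSNames(names ...string) CertOption {
	// append onto a nil slice yields an independent copy (nil when empty).
	snapshot := append([]string(nil), names...)
	return func(c *CertOptions) {
		c.DNSNames = snapshot
	}
}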
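// IPAddresses returns an option that sets the IP addresses to sign into the
// certificate.
//
// The addresses are deep-copied when the option is built. net.IP is itself a
// byte slice, so copying only the outer slice would still let the caller
// rewrite an address in place after handing it over; each address is
// therefore duplicated as well. The copy is shared by every CertOptions the
// returned option is applied to.
//
// Calling IPAddresses with no addresses sets the field to nil.
func IPAddresses(ips ...net.IP) CertOption {
	var snapshot []net.IP
	if len(ips) > 0 {
		snapshot = make([]net.IP, len(ips))
		for i, ip := range ips {
			// A nil or empty address stays nil in the copy.
			snapshot[i] = append(net.IP(nil), ip...)
		}
	}
	return func(c *CertOptions) {
		c.IPAddresses = snapshot
	}
}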
// KeyPair returns an option that stores pub in CertOptions.Pub and priv in
// CertOptions.Priv. Both are Ed25519 keys and are stored as passed, without
// copying and without checking that they belong together.
//
// NOTE(review): the original comment calls this the pair "to sign the
// certificate with"; whether Pub is the certified subject key and Priv the
// signing key is decided by the consumer, which is not in this file. Confirm
// before passing an issuer's private key here.
func KeyPair(pub ed25519.PublicKey, priv ed25519.PrivateKey) CertOption {
	setKeys := func(opts *CertOptions) {
		opts.Pub, opts.Priv = pub, priv
	}
	return setKeys
}
// SerialNumber is the Certificate Serial number
// SerialNumber returns an option that sets the certificate serial number.
//
// The *big.Int is stored as passed, so the option and the caller share the
// same value. Serial numbers must be unique per issuer; choosing one is left
// entirely to the caller.
func SerialNumber(serial *big.Int) CertOption {
	setSerial := func(opts *CertOptions) {
		opts.SerialNumber = serial
	}
	return setSerial
}
// NotBefore returns an option that sets the instant before which the
// certificate is not valid.
func NotBefore(time time.Time) CertOption {
	// The parameter shadows the time package inside this body, so it is
	// captured under a distinct local name.
	validFrom := time
	return func(opts *CertOptions) {
		opts.NotBefore = validFrom
	}
}
// NotAfter returns an option that sets the instant after which the
// certificate is no longer valid. Nothing here checks it against NotBefore
// or caps the lifetime.
func NotAfter(time time.Time) CertOption {
	// The parameter shadows the time package inside this body, so it is
	// captured under a distinct local name.
	validUntil := time
	return func(opts *CertOptions) {
		opts.NotAfter = validUntil
	}
}