package certdb

import "github.com/cloudflare/cfssl/certdb"

Index

Types

type Accessor

// Accessor abstracts the CRUD of certdb objects from a DB.
//
// Certificate and OCSP lookups take a serial number together with an
// authority key identifier (AKI), and every getter returns a slice, so
// callers should handle zero or several matching records.
//
// The per-method notes below are read from names and signatures only; the
// actual behaviour is defined by whichever implementation is in use.
//
// NOTE(review): serial, aki and label arrive as plain strings. An
// implementation presumably passes them into database queries and should bind
// them as query parameters rather than build SQL text from them. Confirm
// against the implementation (presumably under certdb/sql).
type Accessor interface {
	// InsertCertificate presumably stores one certificate record.
	InsertCertificate(cr CertificateRecord) error
	// GetCertificate looks records up by serial and AKI. A serial number is
	// only meaningful relative to its issuer, which is presumably why the
	// AKI is part of the key.
	GetCertificate(serial, aki string) ([]CertificateRecord, error)
	// GetUnexpiredCertificates presumably filters on CertificateRecord.Expiry.
	GetUnexpiredCertificates() ([]CertificateRecord, error)
	// GetRevokedAndUnexpiredCertificates presumably returns the records a CRL
	// would need to list. TODO confirm against callers.
	GetRevokedAndUnexpiredCertificates() ([]CertificateRecord, error)
	// GetUnexpiredCertificatesByLabel takes several labels, unlike the
	// revoked-by-label getters below, which take exactly one.
	GetUnexpiredCertificatesByLabel(labels []string) (crs []CertificateRecord, err error)
	GetRevokedAndUnexpiredCertificatesByLabel(label string) ([]CertificateRecord, error)
	// The "SelectColumns" variant presumably fills only some fields of each
	// record; which ones is not visible here, so do not rely on unset fields.
	GetRevokedAndUnexpiredCertificatesByLabelSelectColumns(label string) ([]CertificateRecord, error)
	// RevokeCertificate takes reasonCode as an unconstrained int. It is
	// presumably an RFC 5280 CRLReason value, and nothing at this layer
	// rejects an out-of-range code, so validate it before calling. Confirm.
	RevokeCertificate(serial, aki string, reasonCode int) error
	// InsertOCSP presumably stores one OCSP response record.
	InsertOCSP(rr OCSPRecord) error
	GetOCSP(serial, aki string) ([]OCSPRecord, error)
	// GetUnexpiredOCSPs presumably filters on OCSPRecord.Expiry.
	GetUnexpiredOCSPs() ([]OCSPRecord, error)
	// UpdateOCSP and UpsertOCSP share a signature; by name, Upsert presumably
	// inserts when no matching record exists while Update does not. Confirm.
	UpdateOCSP(serial, aki, body string, expiry time.Time) error
	UpsertOCSP(serial, aki, body string, expiry time.Time) error
}

Accessor abstracts the CRUD of certdb objects from a DB.

type CertificateRecord

// CertificateRecord encodes a certificate and its metadata that will be
// recorded in a database. The `db` tags name the column each field maps to.
//
// None of the fields declared here holds private key material; the record
// carries the certificate (PEM) and bookkeeping about it.
type CertificateRecord struct {
	// Serial and AKI are the pair that the Accessor lookup and revocation
	// methods take as arguments.
	Serial    string    `db:"serial_number"`
	AKI       string    `db:"authority_key_identifier"`
	CALabel   string    `db:"ca_label"`
	// Status is a free-form string at this layer; the set of valid values is
	// not visible here.
	Status    string    `db:"status"`
	// Reason is presumably the revocation reason code passed to
	// Accessor.RevokeCertificate. Confirm.
	Reason    int       `db:"reason"`
	// Expiry and RevokedAt are non-pointer time.Time values, so an unset
	// value is the zero time rather than nil.
	Expiry    time.Time `db:"expiry"`
	RevokedAt time.Time `db:"revoked_at"`
	// PEM is presumably the PEM-encoded certificate. TODO confirm.
	PEM       string    `db:"pem"`
	// The following fields will be empty for data inserted before migrate 002
	// has been run, so readers must cope with nil pointers, empty JSON text
	// and a CommonName whose Valid flag is false.
	IssuedAt     *time.Time     `db:"issued_at"`
	NotBefore    *time.Time     `db:"not_before"`
	// MetadataJSON and SANsJSON hold raw JSON text; the GetMetadata/SetMetadata
	// and GetSANs/SetSANs methods are the accessors for them.
	MetadataJSON types.JSONText `db:"metadata"`
	SANsJSON     types.JSONText `db:"sans"`
	CommonName   sql.NullString `db:"common_name"`
}

CertificateRecord encodes a certificate and its metadata that will be recorded in a database.

func (*CertificateRecord) GetMetadata

func (c *CertificateRecord) GetMetadata() (map[string]interface{}, error)

GetMetadata returns the record's JSON metadata, decoded into a map.

func (*CertificateRecord) GetSANs

func (c *CertificateRecord) GetSANs() ([]string, error)

GetSANs returns the record's JSON-encoded SANs, decoded into a slice of strings.

func (*CertificateRecord) SetMetadata

func (c *CertificateRecord) SetMetadata(meta map[string]interface{}) error

SetMetadata sets the record's JSON metadata from the given map.

func (*CertificateRecord) SetSANs

func (c *CertificateRecord) SetSANs(meta []string) error

SetSANs sets the record's list of SANs.

type OCSPRecord

// OCSPRecord encodes an OCSP response body and its metadata that will be
// recorded in a database. The `db` tags name the column each field maps to.
type OCSPRecord struct {
	// Serial and AKI identify the certificate the response is about; they are
	// the same pair the Accessor OCSP methods take as arguments.
	Serial string    `db:"serial_number"`
	AKI    string    `db:"authority_key_identifier"`
	// Body is the stored OCSP response as a string; its encoding is not
	// visible here. TODO confirm before decoding or serving it.
	Body   string    `db:"body"`
	// Expiry is presumably what Accessor.GetUnexpiredOCSPs filters on, so that
	// stale responses are not returned. Confirm.
	Expiry time.Time `db:"expiry"`
}

OCSPRecord encodes an OCSP response body and its metadata that will be recorded in a database.

Source Files

certdb.go

Directories

Path | Synopsis
certdb/dbconf
certdb/ocspstapling | Package ocspstapling implements OCSP stapling of Signed Certificate Timestamps (SCTs) into OCSP responses in a database.
certdb/sql
certdb/testdb
Version
v1.6.5 (latest)
Published
Mar 5, 2024
Platform
linux/amd64
Imports
4 packages