github.com/blend/go-sdk@v1.20220411.3/certutil/defaults.go (about)

     1  /*
     2  
     3  Copyright (c) 2022 - Present. Blend Labs, Inc. All rights reserved
     4  Use of this source code is governed by a MIT license that can be found in the LICENSE file.
     5  
     6  */
     7  
     8  package certutil
     9  
    10  import (
    11  	"crypto/x509"
    12  	"time"
    13  )
    14  
    15  // DefaultOptionsCertificateAuthority are the default options for certificate authorities.
    16  var DefaultOptionsCertificateAuthority = CertOptions{
    17  	Certificate: x509.Certificate{
    18  		IsCA:                  true,
    19  		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
    20  		BasicConstraintsValid: true,
    21  	},
    22  	NotAfterProvider: func() time.Time { return time.Now().UTC().AddDate(DefaultCANotAfterYears, 0, 0) },
    23  }
    24  
    25  // DefaultOptionsServer are the default create cert options for server certificates.
    26  var DefaultOptionsServer = CertOptions{
    27  	Certificate: x509.Certificate{
    28  		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
    29  		KeyUsage:    x509.KeyUsageDigitalSignature,
    30  	},
    31  	NotAfterProvider: func() time.Time { return time.Now().UTC().AddDate(DefaultServerNotAfterYears, 0, 0) },
    32  }
    33  
    34  // DefaultOptionsClient are the default create cert options for client certificates.
    35  var DefaultOptionsClient = CertOptions{
    36  	Certificate: x509.Certificate{
    37  		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
    38  		KeyUsage:    x509.KeyUsageDigitalSignature,
    39  	},
    40  	NotAfterProvider: func() time.Time { return time.Now().UTC().AddDate(DefaultClientNotAfterYears, 0, 0) },
    41  }