util

package
v1.0.0-alpha3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 20, 2018 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Index

Constants

View Source 
const SecretTag = "mask"

SecretTag to tag a field as secret as in password, token

Variables

View Source 
var (

	// ErrNotImplemented used to return errors for functions not implemented
	ErrNotImplemented = errors.New("NOT YET IMPLEMENTED")
)
View Source 
var RevocationReasonCodes = map[string]int{
	"unspecified":          ocsp.Unspecified,
	"keycompromise":        ocsp.KeyCompromise,
	"cacompromise":         ocsp.CACompromise,
	"affiliationchanged":   ocsp.AffiliationChanged,
	"superseded":           ocsp.Superseded,
	"cessationofoperation": ocsp.CessationOfOperation,
	"certificatehold":      ocsp.CertificateHold,
	"removefromcrl":        ocsp.RemoveFromCRL,
	"privilegewithdrawn":   ocsp.PrivilegeWithdrawn,
	"aacompromise":         ocsp.AACompromise,
}

RevocationReasonCodes is a map between string reason codes to integers as defined in RFC 5280

View Source 
var URLRegex = regexp.MustCompile("(ldap|http)s*://(\\S+):(\\S+)@")

URLRegex is the regular expression to check if a value is an URL

Functions

func B64Decode 

func B64Decode(str string) (buf []byte, err error)

B64Decode base64 decodes a string

func B64Encode 

func B64Encode(buf []byte) string

B64Encode base64 encodes bytes

func BCCSPKeyRequestGenerate 

func BCCSPKeyRequestGenerate(req *csr.CertificateRequest, myCSP core.CryptoSuite) (core.Key, crypto.Signer, error)

BCCSPKeyRequestGenerate generates keys through BCCSP somewhat mirroring to cfssl/req.KeyRequest.Generate()

func CreateToken 

func CreateToken(csp core.CryptoSuite, cert []byte, key core.Key, body []byte) (string, error)

CreateToken creates a JWT-like token. In a normal JWT token, the format of the token created is: 

<algorithm,claims,signature>

where each part is base64-encoded string separated by a period. In this JWT-like token, there are two differences:

  1. the claims section is a certificate, so the format is: <certificate,signature>
  2. the signature uses the private key associated with the certificate, and the signature is across both the certificate and the "body" argument, which is the body of an HTTP request, though could be any arbitrary bytes.

@param cert The pem-encoded certificate @param key The pem-encoded key @param body The body of an HTTP request

func GenECDSAToken 

func GenECDSAToken(csp core.CryptoSuite, cert []byte, key core.Key, body []byte) (string, error)

GenECDSAToken signs the http body and cert with ECDSA using EC private key

func GetEnrollmentIDFromPEM 

func GetEnrollmentIDFromPEM(cert []byte) (string, error)

GetEnrollmentIDFromPEM returns the EnrollmentID from a PEM buffer

func GetEnrollmentIDFromX509Certificate 

func GetEnrollmentIDFromX509Certificate(cert *x509.Certificate) string

GetEnrollmentIDFromX509Certificate returns the EnrollmentID from the X509 certificate

func GetMaskedURL 

func GetMaskedURL(url string) string

GetMaskedURL returns masked URL. It masks username and password from the URL if present

func GetSerialAsHex 

func GetSerialAsHex(serial *big.Int) string

GetSerialAsHex returns the serial number from certificate as hex format

func GetSignerFromCert 

func GetSignerFromCert(cert *x509.Certificate, csp core.CryptoSuite) (core.Key, crypto.Signer, error)

GetSignerFromCert load private key represented by ski and return bccsp signer that conforms to crypto.Signer

func GetX509CertificateFromPEM 

func GetX509CertificateFromPEM(cert []byte) (*x509.Certificate, error)

GetX509CertificateFromPEM get an X509 certificate from bytes in PEM format

func HTTPRequestToString 

func HTTPRequestToString(req *http.Request) string

HTTPRequestToString returns a string for an HTTP request for debuggging

func HTTPResponseToString 

func HTTPResponseToString(resp *http.Response) string

HTTPResponseToString returns a string for an HTTP response for debuggging

func ImportBCCSPKeyFromPEM 

func ImportBCCSPKeyFromPEM(keyFile string, myCSP core.CryptoSuite, temporary bool) (core.Key, error)

ImportBCCSPKeyFromPEM attempts to create a private BCCSP key from a pem file keyFile

func ImportBCCSPKeyFromPEMBytes 

func ImportBCCSPKeyFromPEMBytes(keyBuff []byte, myCSP core.CryptoSuite, temporary bool) (core.Key, error)

ImportBCCSPKeyFromPEMBytes attempts to create a private BCCSP key from a pem byte slice

func LoadX509KeyPair 

func LoadX509KeyPair(certFile, keyFile string, csp core.CryptoSuite) (*tls.Certificate, error)

LoadX509KeyPair reads and parses a public/private key pair from a pair of files. The files must contain PEM encoded data. The certificate file may contain intermediate certificates following the leaf certificate to form a certificate chain. On successful return, Certificate.Leaf will be nil because the parsed form of the certificate is not retained.

This function originated from crypto/tls/tls.go and was adapted to use a BCCSP Signer

func MakeFileAbs 

func MakeFileAbs(file, dir string) (string, error)

MakeFileAbs makes 'file' absolute relative to 'dir' if not already absolute

func Marshal 

func Marshal(from interface{}, what string) ([]byte, error)

Marshal to bytes

func ReadFile 

func ReadFile(file string) ([]byte, error)

ReadFile reads a file

func StructToString 

func StructToString(si interface{}) string

StructToString converts a struct to a string. If a field has a 'secret' tag, it is masked in the returned string

Types

type ECDSASignature 

type ECDSASignature struct {
	R, S *big.Int
}

ECDSASignature forms the structure for R and S value for ECDSA

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.