Documentation ¶
Overview ¶
Package x509utils provides abstract access to collections of x509 certificates
Index ¶
- Variables
- func BlockToCertificate(block *pem.Block) (*x509.Certificate, error)
- func BlockToRSAPrivateKey(block *pem.Block) (*rsa.PrivateKey, error)
- func EncodeBytes(label string, body []byte, headers map[string]string) []byte
- func EncodeCertificate(der []byte) []byte
- func EncodePKCS1PrivateKey(key *rsa.PrivateKey) []byte
- func EncodePKCS8PrivateKey(key PrivateKey) []byte
- func Hostname(u *url.URL) (string, bool)
- func IsSelfSigned(c *x509.Certificate) bool
- func NameAsIP(name string) (string, bool)
- func NameAsSuffix(name string) (string, bool)
- func Names(cert *x509.Certificate) ([]string, []string)
- func ReadFilePEM(filename string, cb DecodePEMBlockFunc) error
- func ReadPEM(b []byte, cb DecodePEMBlockFunc) error
- func ReadStringPEM(s string, cb DecodePEMBlockFunc) error
- func SanitiseName(name string) (string, bool)
- func SubjectPublicKeyBytes(pub crypto.PublicKey) ([]byte, error)
- func SubjectPublicKeySHA1(pub crypto.PublicKey) (hash [sha1.Size]byte, err error)
- func WriteCert(w io.Writer, cert *x509.Certificate) (int64, error)
- func WriteKey(w io.Writer, key PrivateKey) (int64, error)
- type Bundler
- type CertPoolWriter
- type CertPooler
- type DecodePEMBlockFunc
- type PrivateKey
- type PublicKey
- type ReadStore
- type StoreIterFunc
- type WriteStore
Constants ¶
This section is empty.
Variables ¶
var (
	// ErrIgnored is used when we ask the user to try a different function instead.
	// NOTE(review): which functions return it is not visible on this page;
	// presumably the BlockTo* parsers do so for a PEM block type they do not
	// handle — confirm, and compare with errors.Is rather than by message text.
	ErrIgnored = errors.New("type of value out of scope")
)
Functions ¶
func BlockToCertificate ¶
func BlockToCertificate(block *pem.Block) (*x509.Certificate, error)
BlockToCertificate attempts to parse a pem.Block to extract a x509.Certificate
func BlockToRSAPrivateKey ¶
func BlockToRSAPrivateKey(block *pem.Block) (*rsa.PrivateKey, error)
BlockToRSAPrivateKey attempts to parse a pem.Block to extract an rsa.PrivateKey
func EncodeBytes ¶
EncodeBytes produces a PEM encoded block
func EncodeCertificate ¶
EncodeCertificate produces a PEM encoded x509 Certificate without optional headers
func EncodePKCS1PrivateKey ¶
func EncodePKCS1PrivateKey(key *rsa.PrivateKey) []byte
EncodePKCS1PrivateKey produces a PEM encoded RSA Private Key
func EncodePKCS8PrivateKey ¶
func EncodePKCS8PrivateKey(key PrivateKey) []byte
EncodePKCS8PrivateKey produces a PEM encoded Private Key
func IsSelfSigned ¶
func IsSelfSigned(c *x509.Certificate) bool
IsSelfSigned tests if a certificate corresponds to a self-signed CA
func NameAsSuffix ¶
NameAsSuffix prepares a sanitised hostname for matching certificate patterns
func Names ¶
func Names(cert *x509.Certificate) ([]string, []string)
Names returns a list of exact names and patterns the certificate supports
func ReadFilePEM ¶
func ReadFilePEM(filename string, cb DecodePEMBlockFunc) error
ReadFilePEM reads a PEM file calling cb for each block
func ReadPEM ¶
func ReadPEM(b []byte, cb DecodePEMBlockFunc) error
ReadPEM invokes a callback for each PEM block found. It can receive raw PEM data.
func ReadStringPEM ¶
func ReadStringPEM(s string, cb DecodePEMBlockFunc) error
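ReadStringPEM invokes a callback for each PEM block found. It can receive raw PEM data, a filename or a directory to scan. Because the same argument may be treated as a filesystem path, a string taken from untrusted input can cause files or directories to be read; when the input is only ever meant to be raw PEM, ReadPEM is the narrower entry point.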
func SanitiseName ¶
SanitiseName takes a Hostname and returns the name (or address) we will use for matching certificates
func SubjectPublicKeyBytes ¶
SubjectPublicKeyBytes extracts the SubjectPublicKey bytes from a crypto.PublicKey
func SubjectPublicKeySHA1 ¶
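SubjectPublicKeySHA1 returns the SHA1 hash of the SubjectPublicKey of a crypto.PublicKey. SHA-1 is not collision resistant, so the result is suited to use as a key identifier (the construction resembles the RFC 5280 subject key identifier) rather than as a fingerprint on which a trust decision rests.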
Types ¶
type Bundler ¶
// Bundler is implemented by objects that bundle tls.Certificates.
type Bundler interface {
	// Bundle takes a certificate, a private key and a pool of roots and
	// returns a *tls.Certificate or an error.
	// NOTE(review): whether key is checked against cert's public key, and how
	// roots is used to assemble the chain, is not visible here — confirm
	// against the implementations.
	Bundle(cert *x509.Certificate, key PrivateKey, roots CertPooler) (*tls.Certificate, error)
}
Bundler is an object that bundles tls.Certificates
type CertPoolWriter ¶
// CertPoolWriter is the write side of the package's CertPool.
type CertPoolWriter interface {
	// WriteStore is embedded; its method set is declared elsewhere.
	WriteStore

	// AddCert takes one parsed certificate and reports a bool.
	// NOTE(review): presumably true means the certificate was added — confirm.
	AddCert(cert *x509.Certificate) bool

	// AppendCertsFromPEM takes PEM-encoded bytes and reports a bool.
	// NOTE(review): the name matches x509.CertPool.AppendCertsFromPEM, which
	// reports whether any certificate was parsed; confirm the same contract
	// holds here. Callers should check the result, since an unchecked false
	// would leave the pool without the certificates they expected.
	AppendCertsFromPEM(b []byte) bool
}
CertPoolWriter represents the write-only interface of our CertPool
type CertPooler ¶
// CertPooler is the read side of the package's CertPool.
type CertPooler interface {
	// ReadStore is embedded, contributing Get and ForEach.
	ReadStore

	// Clone returns a CertPooler.
	// NOTE(review): presumably an independent copy of the pool — confirm
	// before relying on isolation between the original and the clone.
	Clone() CertPooler

	// Export returns the pool as a standard library *x509.CertPool.
	// NOTE(review): whether the returned pool shares state with this one is
	// not shown here; confirm before mutating it.
	Export() *x509.CertPool
}
CertPooler represents the read-only interface of our CertPool
type DecodePEMBlockFunc ¶
DecodePEMBlockFunc is called for each PEM block decoded. It returns true to terminate the loop
type PrivateKey ¶
// PrivateKey is the method set this package requires of a private key. The
// standard library's private key types implement both methods, although
// crypto.PrivateKey itself is declared as an empty interface.
type PrivateKey interface {
	// Public returns the public key corresponding to the private key.
	Public() crypto.PublicKey

	// Equal reports whether x is the same key.
	// NOTE(review): the standard library implementations compare in constant
	// time with respect to key material; a custom implementation should be
	// checked for the same property.
	Equal(x crypto.PrivateKey) bool
}
PrivateKey implements what crypto.PrivateKey should have
func BlockToPrivateKey ¶
func BlockToPrivateKey(block *pem.Block) (PrivateKey, error)
BlockToPrivateKey parses a pem Block looking for rsa, ecdsa or ed25519 Private Keys
type ReadStore ¶
// ReadStore represents the methods to access an x509 store.
type ReadStore interface {
	// Get looks up a certificate by name and returns it or an error.
	// NOTE(review): how name is matched (exact name, pattern, sanitised
	// hostname) is not visible here — confirm against the implementations.
	Get(ctx context.Context, name string) (*x509.Certificate, error)

	// ForEach passes the store's certificates to f and returns an error.
	// NOTE(review): presumably a non-nil error from f stops the iteration and
	// is returned to the caller — confirm.
	ForEach(ctx context.Context, f StoreIterFunc) error
}
ReadStore represents the methods to access a x509 Store
type StoreIterFunc ¶
// StoreIterFunc is the callback type passed to ReadStore.ForEach; it receives
// one certificate per call and returns an error.
// NOTE(review): the effect of a non-nil error on the iteration is defined by
// the ReadStore implementation — confirm.
type StoreIterFunc func(*x509.Certificate) error
StoreIterFunc defines the type of function passed to ReadStore.ForEach