cert

package

v1.0.0 Latest Latest Go to latest Published: Mar 24, 2023 License: Apache-2.0 Imports: 17 Imported by: 0

Details

This section is empty.

This section is empty.

func CreateCertificate(cinfo *TBSCertificate, signature []byte) ([]byte, error)

func CreateCertificateRequest(template *x509.CertificateRequest, pub *sm2.PublicKey,
	pri *sm2.PrivateKey, userId []byte) (csr []byte, err error)

func FillCertificateTemplateByCSR(template *x509.Certificate, csr *x509.CertificateRequest)

func IssueCertificateBySoftCAKey(cinfo *TBSCertificate, caPri *sm2.PrivateKey, userId []byte) ([]byte, error)

func ParseCertificate(asn1Data []byte) (*x509.Certificate, error)

ParseCertificate parses a single certificate from the given ASN.1 DER data.

func ParseCertificateRequest(asn1Data []byte) (*x509.CertificateRequest, error)

ParseCertificateRequest parses a single certificate request from the given ASN.1 DER data.

func VerifyCSRSign(csr *x509.CertificateRequest, userId []byte) bool

func VerifyDERCSRSign(asn1Data []byte, userId []byte) (bool, error)

type TBSCertificate tbsCertificate

func CreateCertificateInfo(template, parent *x509.Certificate, csr *x509.CertificateRequest) (*TBSCertificate, error)

为什么要将构建CertificateInfo和签发证书分开呢? 是因为实际应用中的CA密钥大多数都是放在加密卡/加密机中的，签名由加密卡/加密机来完成