Documentation
¶
Index ¶
- Constants
- func GenCertSelfSigned(cn, validTill string) (*certutil.CertBundle, *x509.RevocationList, error)
- func GetPrivateKeyTypeAndBitLenght(cert *tls.Certificate) (string, int, error)
- func GetRawCertificate(pemStr string) (*x509.Certificate, error)
- func IsCertificateInRevokedList(cert *x509.Certificate, crl *x509.RevocationList) bool
- func IsCertificateValid(pem string, crl *x509.RevocationList) (bool, string, error)
- func LoadCertPair(cert, key []byte) (*tls.Certificate, error)
- func SignCSR(csr []byte, notAfterStr string) (*certutil.ParsedCertBundle, error)
- type Certificate
- type CertificateInvalid
- type Options
Constants ¶
View Source
const ( CertificateRSA = "rsa" CertificateEC = "ec" CertificateECDSA = "ecdsa" )
Variables ¶
This section is empty.
Functions ¶
func GenCertSelfSigned ¶
func GenCertSelfSigned(cn, validTill string) (*certutil.CertBundle, *x509.RevocationList, error)
Func should be used if we are going to issue cert not sign
func GetPrivateKeyTypeAndBitLenght ¶
func GetPrivateKeyTypeAndBitLenght(cert *tls.Certificate) (string, int, error)
func GetRawCertificate ¶
func GetRawCertificate(pemStr string) (*x509.Certificate, error)
GetRawCertificate would return certificate from string
func IsCertificateInRevokedList ¶
func IsCertificateInRevokedList(cert *x509.Certificate, crl *x509.RevocationList) bool
IsCertificateInRevokedList would check if cert is in revoked certificates list
func IsCertificateValid ¶
IsCertificateValid would verify if: 1. Certificate is not expired 2. Certificate is not in revokation list It would return true and certificate CN
func LoadCertPair ¶
func LoadCertPair(cert, key []byte) (*tls.Certificate, error)
Types ¶
type Certificate ¶
type Certificate struct {
Serial string
CommonName string
AltNames []string
Issuer string
Type string
ECDSACurve string
KeyBits int
ValidFrom time.Time
ValidUntil time.Time
PrivateKey any
IssuingCA string
PemCert string
PemKey string
Revoked bool
}
Certificate is representation of x509.Certificate
func GetCertificateFromPem ¶
func GetCertificateFromPem(cert, key, ca string, crl *x509.RevocationList) (*Certificate, error)
func NewCertificate ¶
func NewCertificate(cert *x509.Certificate, revoked bool) *Certificate
NewCertificate would convert x509 Certificate to Certificate
func (*Certificate) GenerateCSR ¶
func (c *Certificate) GenerateCSR() (string, error)
func (*Certificate) GeneratePrivateKey ¶
func (c *Certificate) GeneratePrivateKey() error
func (*Certificate) PublicKey ¶
func (c *Certificate) PublicKey() any
func (*Certificate) SetParsedPrivateKey ¶
func (c *Certificate) SetParsedPrivateKey(privateKey crypto.Signer, privateKeyType certutil.PrivateKeyType, privateKeyBytes []byte)
type CertificateInvalid ¶
type CertificateInvalid struct {
// contains filtered or unexported fields
}
func (*CertificateInvalid) Error ¶
func (c *CertificateInvalid) Error() string
type Options ¶
type Options func(*Certificate) error
Options is a type of options for Certificate
func ECDSACurve ¶
ECDSACurve is option function to set Certificate curve for ECDSA type cert
func ValidUntil ¶
ValidUntil is option to set AltNames
Source Files
Click to show internal directories.
Click to hide internal directories.