Documentation
¶
Index ¶
- Constants
- Variables
- func ExtractPublicKey(priv crypto.PrivateKey) (crypto.PublicKey, error)
- func GenBase64Token(randr io.Reader, logger *zap.Logger) (string, error)
- func GenerateKey(randr io.Reader, ktype KeyType, usage string, logger *zap.Logger) (crypto.PrivateKey, error)
- func PubKeyPinString(pub crypto.PublicKey) (string, error)
- func SubjectKeyIdFromPubkey(pub crypto.PublicKey) ([]byte, error)
- func VerifyCACert(cert *x509.Certificate, t time.Time) error
- func VerifyCACertAndKey(priv crypto.PrivateKey, cert *x509.Certificate, t time.Time) error
- func VerifyPublicKeyMatch(a, b crypto.PublicKey) error
- func VerifyServerCert(cert *x509.Certificate, cacert *x509.Certificate, t time.Time) error
- type KeyType
Constants ¶
View Source
const TokenBitsLength = 6 * 4 * 3
Variables ¶
View Source
var ErrPublicKeyMismatch = errors.New("Public keys do not match.")
View Source
var ServerKeyType = KeySECP256R1
Functions ¶
func ExtractPublicKey ¶
func ExtractPublicKey(priv crypto.PrivateKey) (crypto.PublicKey, error)
func GenerateKey ¶
func PubKeyPinString ¶
PubKeyPinString extracts the SHA256 hash for use of curl`s --pinnedpubkey commandline option.
func VerifyCACert ¶
func VerifyCACert(cert *x509.Certificate, t time.Time) error
func VerifyCACertAndKey ¶
func VerifyCACertAndKey(priv crypto.PrivateKey, cert *x509.Certificate, t time.Time) error
func VerifyPublicKeyMatch ¶
func VerifyServerCert ¶
func VerifyServerCert(cert *x509.Certificate, cacert *x509.Certificate, t time.Time) error
Types ¶
type KeyType ¶
type KeyType int
func KeyTypeFromString ¶
func (*KeyType) UnmarshalFlag ¶
func (*KeyType) UnmarshalYAML ¶
Source Files
Click to show internal directories.
Click to hide internal directories.