wcrypto

Documentation

Index

• Constants
• Variables
• func ExtractPublicKey(priv crypto.PrivateKey) (crypto.PublicKey, error)
• func GenBase64Token(randr io.Reader, logger *zap.Logger) (string, error)
• func GenerateKey(randr io.Reader, ktype KeyType, usage string, logger *zap.Logger) (crypto.PrivateKey, error)
• func PubKeyPinString(pub crypto.PublicKey) (string, error)
• func SubjectKeyIdFromPubkey(pub crypto.PublicKey) ([]byte, error)
• func VerifyCACert(cert *x509.Certificate, t time.Time) error
• func VerifyCACertAndKey(priv crypto.PrivateKey, cert *x509.Certificate, t time.Time) error
• func VerifyPublicKeyMatch(a, b crypto.PublicKey) error
• func VerifyServerCert(cert *x509.Certificate, cacert *x509.Certificate, t time.Time) error
• type KeyType
  • func KeyTypeFromString(s string) (KeyType, error)
  • func KeyTypeOfPub(pub crypto.PublicKey) (KeyType, error)
  • func (expected KeyType) CompatibleWith(actual KeyType) error
  • func (kt KeyType) String() string
  • func (p *KeyType) UnmarshalFlag(s string) error
  • func (p *KeyType) UnmarshalYAML(unmarshal func(interface{}) error) error
• type UnexpectedKeyTypeErr
  • func (e UnexpectedKeyTypeErr) Error() string
  • func (UnexpectedKeyTypeErr) Is(target error) bool

Constants

const TokenBitsLength = 6 * 4 * 3

Variables

var DefaultKeyType = KeyRSA4096

var ErrKeyAnyForGenerateKey = errors.New("KeyAny is not a valid keytype for wcrypto.GenerateKey") //nolint

var ErrPublicKeyMismatch = errors.New("public keys do not match")

var ServerKeyType = KeySECP256R1

Functions

func ExtractPublicKey

func ExtractPublicKey(priv crypto.PrivateKey) (crypto.PublicKey, error)

func GenBase64Token

func GenBase64Token(randr io.Reader, logger *zap.Logger) (string, error)

func GenerateKey

func GenerateKey(randr io.Reader, ktype KeyType, usage string, logger *zap.Logger) (crypto.PrivateKey, error)

func PubKeyPinString

func PubKeyPinString(pub crypto.PublicKey) (string, error)

PubKeyPinString extracts the SHA256 hash for use of curl`s --pinnedpubkey commandline option.

func SubjectKeyIdFromPubkey

func SubjectKeyIdFromPubkey(pub crypto.PublicKey) ([]byte, error)

func VerifyCACert

func VerifyCACert(cert *x509.Certificate, t time.Time) error

func VerifyCACertAndKey

func VerifyCACertAndKey(priv crypto.PrivateKey, cert *x509.Certificate, t time.Time) error

func VerifyPublicKeyMatch

func VerifyPublicKeyMatch(a, b crypto.PublicKey) error

func VerifyServerCert

func VerifyServerCert(cert *x509.Certificate, cacert *x509.Certificate, t time.Time) error

Types

type KeyType

type KeyType int

const (
	KeyAny KeyType = iota
	KeyRSA4096
	KeySECP256R1
	KeyRSA2048
)

Keep this in sync with pb.KeyType

func KeyTypeFromString

func KeyTypeFromString(s string) (KeyType, error)

func KeyTypeOfPub

func KeyTypeOfPub(pub crypto.PublicKey) (KeyType, error)

func (KeyType) CompatibleWith

func (expected KeyType) CompatibleWith(actual KeyType) error

func (KeyType) String

func (kt KeyType) String() string

func (*KeyType) UnmarshalFlag

func (p *KeyType) UnmarshalFlag(s string) error

func (*KeyType) UnmarshalYAML

func (p *KeyType) UnmarshalYAML(unmarshal func(interface{}) error) error

type UnexpectedKeyTypeErr

type UnexpectedKeyTypeErr struct {
	Expected KeyType
	Actual   KeyType
}

func (UnexpectedKeyTypeErr) Error

func (e UnexpectedKeyTypeErr) Error() string

func (UnexpectedKeyTypeErr) Is

func (UnexpectedKeyTypeErr) Is(target error) bool