util

package
v5.7.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 12, 2024 License: Apache-2.0 Imports: 22 Imported by: 5

Documentation

Overview

This file contains functions that were copied from x509.pem_decrypt.go in order to keep supporting X509EncryptPEMBlock and x509DecryptPEMBlock the use of this is not recommended, this is just to continue supporting old applications.

Index

Constants

View Source
const (
	PathSeparator           = "\\"
	ApplicationServerTypeID = "784938d1-ef0d-11eb-9461-7bb533ba575b"
	// DefaultUserAgent is the default value of the UserAgent header in HTTP
	// requests to Venafi API endpoints.
	DefaultUserAgent = "vcert/v5"
)
View Source
const (
	LegacyPem = "legacy-pem"
	//nolint: gosec  // Ignoring false positive "G101 Potential hardcoded credentials"
	HeaderTpplApikey = "tppl-api-key"
	OauthTokenType   = "Bearer"
	DefaultTimeout   = 180 // seconds
)
View Source
const (
	RsaPrivKeyType = "RSA PRIVATE KEY"
)

Variables

View Source
var IncorrectPasswordError = fmt.Errorf("x509: decryption password incorrect")

IncorrectPasswordError is returned when an incorrect password is detected.

Functions

func ArrayContainsString

func ArrayContainsString(s []string, e string) bool

TODO: test this function

func ConfigureLogger added in v5.1.0

func ConfigureLogger(debug bool) error

ConfigureLogger sets the default values for the cli logger

func ConvertSecondsToTime

func ConvertSecondsToTime(t int64) time.Time

func DecryptPkcs8PrivateKey

func DecryptPkcs8PrivateKey(privateKey, password string) (string, error)

func EncryptPkcs1PrivateKey

func EncryptPkcs1PrivateKey(privateKey, password string) (string, error)

func GenerateSshKeyPair

func GenerateSshKeyPair(bitSize int, keyPassword, certId string, format ...string) ([]byte, []byte, error)

func GetBooleanRef

func GetBooleanRef(val bool) *bool

func GetIntRef

func GetIntRef(val int) *int

func GetJsonAsString

func GetJsonAsString(i interface{}) (s string)

func GetKeystoreOptionsString added in v5.7.0

func GetKeystoreOptionsString(cloudProviderID *string, cloudKeystoreID *string, cloudProviderName *string, cloudKeystoreName *string) string

func GetPrivateKeyType

func GetPrivateKeyType(pk, pass string) string

func NormalizeUrl added in v5.1.0

func NormalizeUrl(url string) string

func StringPointerToString added in v5.7.0

func StringPointerToString(input *string) string

func X509DecryptPEMBlock

func X509DecryptPEMBlock(b *pem.Block, password []byte) ([]byte, error)

DecryptPEMBlock takes a password encrypted PEM block and the password used to encrypt it and returns a slice of decrypted DER encoded bytes. It inspects the DEK-Info header to determine the algorithm used for decryption. If no DEK-Info header is present, an error is returned. If an incorrect password is detected an IncorrectPasswordError is returned. Because of deficiencies in the encrypted-PEM format, it's not always possible to detect an incorrect password. In these cases no error will be returned but the decrypted DER bytes will be random noise.

func X509EncryptPEMBlock

func X509EncryptPEMBlock(rand io.Reader, blockType string, data, password []byte, alg PEMCipher) (*pem.Block, error)

EncryptPEMBlock returns a PEM block of the specified type holding the given DER-encoded data encrypted with the specified algorithm and password.

func X509IsEncryptedPEMBlock

func X509IsEncryptedPEMBlock(b *pem.Block) bool

IsEncryptedPEMBlock returns whether the PEM block is password encrypted according to RFC 1423. design. Since it does not authenticate the ciphertext, it is vulnerable to padding oracle attacks that can let an attacker recover the plaintext.

Types

type IssuerHint

type IssuerHint int
const (
	IssuerHintGeneric IssuerHint = iota
	IssuerHintMicrosoft
	IssuerHintDigicert
	IssuerHintEntrust
	IssuerHintAllIssuers
)

func (IssuerHint) MarshalYAML

func (i IssuerHint) MarshalYAML() (interface{}, error)

MarshalYAML customizes the behavior of ChainOption when being marshaled into a YAML document. The returned value is marshaled in place of the original value implementing Marshaller

func (*IssuerHint) String

func (i *IssuerHint) String() string

String returns a string representation of this object

func (*IssuerHint) UnmarshalYAML

func (i *IssuerHint) UnmarshalYAML(value *yaml.Node) error

UnmarshalYAML customizes the behavior when being unmarshalled from a YAML document

type PEMCipher

type PEMCipher int
const (
	PEMCipherDES PEMCipher
	PEMCipher3DES
	PEMCipherAES128
	PEMCipherAES192
	PEMCipherAES256
)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL