Documentation ¶
Overview ¶
This file contains functions that were copied from x509.pem_decrypt.go in order to keep supporting X509EncryptPEMBlock and x509DecryptPEMBlock the use of this is not recommended, this is just to continue supporting old applications.
Index ¶
- Constants
- Variables
- func ArrayContainsString(s []string, e string) bool
- func ConfigureLogger(debug bool) error
- func ConvertSecondsToTime(t int64) time.Time
- func DecryptPkcs8PrivateKey(privateKey, password string) (string, error)
- func EncryptPkcs1PrivateKey(privateKey, password string) (string, error)
- func GenerateSshKeyPair(bitSize int, keyPassword, certId string, format ...string) ([]byte, []byte, error)
- func GetBooleanRef(val bool) *bool
- func GetIntRef(val int) *int
- func GetJsonAsString(i interface{}) (s string)
- func GetKeystoreOptionsString(cloudProviderID *string, cloudKeystoreID *string, cloudProviderName *string, ...) string
- func GetPrivateKeyType(pk, pass string) string
- func NormalizeUrl(url string) string
- func StringPointerToString(input *string) string
- func X509DecryptPEMBlock(b *pem.Block, password []byte) ([]byte, error)
- func X509EncryptPEMBlock(rand io.Reader, blockType string, data, password []byte, alg PEMCipher) (*pem.Block, error)
- func X509IsEncryptedPEMBlock(b *pem.Block) bool
- type IssuerHint
- type PEMCipher
Constants ¶
const ( PathSeparator = "\\" ApplicationServerTypeID = "784938d1-ef0d-11eb-9461-7bb533ba575b" // DefaultUserAgent is the default value of the UserAgent header in HTTP // requests to Venafi API endpoints. DefaultUserAgent = "vcert/v5" )
const ( LegacyPem = "legacy-pem" //nolint: gosec // Ignoring false positive "G101 Potential hardcoded credentials" HeaderTpplApikey = "tppl-api-key" OauthTokenType = "Bearer" DefaultTimeout = 180 // seconds )
const (
RsaPrivKeyType = "RSA PRIVATE KEY"
)
Variables ¶
var IncorrectPasswordError = fmt.Errorf("x509: decryption password incorrect")
IncorrectPasswordError is returned when an incorrect password is detected.
Functions ¶
func ArrayContainsString ¶
TODO: test this function
func ConfigureLogger ¶ added in v5.1.0
ConfigureLogger sets the default values for the cli logger
func ConvertSecondsToTime ¶
func DecryptPkcs8PrivateKey ¶
func EncryptPkcs1PrivateKey ¶
func GenerateSshKeyPair ¶
func GetBooleanRef ¶
func GetJsonAsString ¶
func GetJsonAsString(i interface{}) (s string)
func GetKeystoreOptionsString ¶ added in v5.7.0
func GetPrivateKeyType ¶
func NormalizeUrl ¶ added in v5.1.0
func StringPointerToString ¶ added in v5.7.0
func X509DecryptPEMBlock ¶
DecryptPEMBlock takes a password encrypted PEM block and the password used to encrypt it and returns a slice of decrypted DER encoded bytes. It inspects the DEK-Info header to determine the algorithm used for decryption. If no DEK-Info header is present, an error is returned. If an incorrect password is detected an IncorrectPasswordError is returned. Because of deficiencies in the encrypted-PEM format, it's not always possible to detect an incorrect password. In these cases no error will be returned but the decrypted DER bytes will be random noise.
func X509EncryptPEMBlock ¶
func X509EncryptPEMBlock(rand io.Reader, blockType string, data, password []byte, alg PEMCipher) (*pem.Block, error)
EncryptPEMBlock returns a PEM block of the specified type holding the given DER-encoded data encrypted with the specified algorithm and password.
func X509IsEncryptedPEMBlock ¶
IsEncryptedPEMBlock returns whether the PEM block is password encrypted according to RFC 1423. design. Since it does not authenticate the ciphertext, it is vulnerable to padding oracle attacks that can let an attacker recover the plaintext.
Types ¶
type IssuerHint ¶
type IssuerHint int
const ( IssuerHintGeneric IssuerHint = iota IssuerHintMicrosoft IssuerHintDigicert IssuerHintEntrust IssuerHintAllIssuers )
func (IssuerHint) MarshalYAML ¶
func (i IssuerHint) MarshalYAML() (interface{}, error)
MarshalYAML customizes the behavior of ChainOption when being marshaled into a YAML document. The returned value is marshaled in place of the original value implementing Marshaller
func (*IssuerHint) String ¶
func (i *IssuerHint) String() string
String returns a string representation of this object
func (*IssuerHint) UnmarshalYAML ¶
func (i *IssuerHint) UnmarshalYAML(value *yaml.Node) error
UnmarshalYAML customizes the behavior when being unmarshalled from a YAML document