afssl

package module

v1.12.0 Latest Latest Go to latest Published: Dec 19, 2023 License: Apache-2.0 Imports: 18 Imported by: 4

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aacfactory/afssl

Links

Open Source Insights

README ¶

AFSSL

SSL Generator.

Install

go get github.com/aacfactory/afssl

Usage

Generate Self Signed SSL.

config := afssl.CertificateConfig{}
// ca
caPEM, caKeyPEM, caErr := afssl.GenerateCertificate(config, afssl.CA())
if caErr != nil {
    t.Error("ca", caErr)
    return
}
fmt.Println(string(caPEM))
fmt.Println(string(caKeyPEM))
// server
serverPEM, serverKeyPEM, serverErr := afssl.GenerateCertificate(config, afssl.WithParent(caPEM, caKeyPEM))
if serverErr != nil {
    t.Error("server", serverErr)
    return
}
fmt.Println(string(serverPEM))
fmt.Println(string(serverKeyPEM))
// client
clientPEM, clientKeyPEM, clientErr := afssl.GenerateCertificate(config, afssl.WithParent(caPEM, caKeyPEM))
if clientErr != nil {
    t.Error("client", clientErr)
    return
}
fmt.Println(string(clientPEM))
fmt.Println(string(clientKeyPEM))

Use as bin

go install github.com/aacfactory/afssl/commands/afssl@latest

afssl --type={RSA,ECDSA,ED25519,SM2} --ca --expire={days} --cn={CN} {dst path}

Documentation ¶

Index ¶

func CreateCA(cn string, expireDays int) (crtPEM []byte, keyPEM []byte, err error)
func GenerateCertificate(config CertificateConfig, opts ...GenerateCertificateOption) (certPEM []byte, keyPEM []byte, err error)
func SSC(caPEM []byte, keyPEM []byte) (serverTLS *tls.Config, clientTLS *tls.Config, err error)
type CertificateConfig
type CertificatePkixName
- func (pn *CertificatePkixName) Name() pkix.Name
type GenerateCertificateOption
type GenerateCertificateOptions
type KeyName
type KeyType

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CreateCA ¶ added in v1.6.0

func CreateCA(cn string, expireDays int) (crtPEM []byte, keyPEM []byte, err error)

func GenerateCertificate ¶ added in v1.1.0

func GenerateCertificate(config CertificateConfig, opts ...GenerateCertificateOption) (certPEM []byte, keyPEM []byte, err error)

func SSC ¶ added in v1.6.0

func SSC(caPEM []byte, keyPEM []byte) (serverTLS *tls.Config, clientTLS *tls.Config, err error)

Types ¶

type CertificateConfig ¶ added in v1.1.0

type CertificateConfig struct {
	Issuer   *CertificatePkixName
	Subject  *CertificatePkixName
	IPs      []string
	Emails   []string
	DNSNames []string
}

type CertificatePkixName ¶ added in v1.8.0

type CertificatePkixName struct {
	Country            string
	Province           string
	Locality           string
	Organization       string
	OrganizationalUnit string
	StreetAddress      string
	PostalCode         string
	SerialNumber       string
	CommonName         string
}

func (*CertificatePkixName) Name ¶ added in v1.8.0

func (pn *CertificatePkixName) Name() pkix.Name

type GenerateCertificateOption ¶ added in v1.1.0

type GenerateCertificateOption func(*GenerateCertificateOptions) error

func CA ¶ added in v1.1.0

func CA() GenerateCertificateOption

func WithExpirationDays ¶ added in v1.1.0

func WithExpirationDays(days int) GenerateCertificateOption

func WithKeyType ¶ added in v1.8.0

func WithKeyType(keyType KeyType) GenerateCertificateOption

func WithParent ¶ added in v1.1.0

func WithParent(certPEM []byte, keyPEM []byte) GenerateCertificateOption

func WithSerialNumber ¶ added in v1.1.0

func WithSerialNumber(sn uint64) GenerateCertificateOption

type GenerateCertificateOptions ¶ added in v1.1.0

type GenerateCertificateOptions struct {
	// contains filtered or unexported fields
}

type KeyName ¶ added in v1.8.0

type KeyName string

type KeyType ¶ added in v1.8.0

type KeyType interface {
	Name() (name KeyName)
}

func ECDSA ¶ added in v1.8.0

func ECDSA() KeyType

func ECDSAWithCurve ¶ added in v1.8.0

func ECDSAWithCurve(curve elliptic.Curve) KeyType

func ED25519 ¶ added in v1.8.0

func ED25519() KeyType

func ED25519WithSeed ¶ added in v1.8.0

func ED25519WithSeed(seed []byte) KeyType

func EncryptMasterSM9 ¶ added in v1.8.0

func EncryptMasterSM9() KeyType

func ParsePrivateKey ¶ added in v1.8.0

func ParsePrivateKey(keyPEM []byte) (key any, keyType KeyType, err error)

func RSA ¶ added in v1.8.0

func RSA() KeyType

func RSAWithBits ¶ added in v1.8.0

func RSAWithBits(bits int) KeyType

func SM2 ¶ added in v1.8.0

func SM2() KeyType

func SignMasterSM9 ¶ added in v1.8.0

func SignMasterSM9() KeyType

func X25519 ¶ added in v1.8.0

func X25519() KeyType

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
commands
afssl
afssl/base
configs
gmsm
cfca
cipher
drbg
ecdh
internal/alias Package alias implements memory alaising tests.	Package alias implements memory alaising tests.
internal/bigmod
internal/boring Package boring provides access to BoringCrypto implementation functions.	Package boring provides access to BoringCrypto implementation functions.
internal/boring/bbig
internal/boring/bcache Package bcache implements a GC-friendly cache (see [Cache]) for BoringCrypto.	Package bcache implements a GC-friendly cache (see [Cache]) for BoringCrypto.
internal/boring/sig Package sig holds “code signatures” that can be called and will result in certain code sequences being linked into the final binary.	Package sig holds “code signatures” that can be called and will result in certain code sequences being linked into the final binary.
internal/randutil Package randutil contains internal randomness utilities for various crypto packages.	Package randutil contains internal randomness utilities for various crypto packages.
internal/sm2ec Package sm2ec implements the SM2 Prime elliptic curves.	Package sm2ec implements the SM2 Prime elliptic curves.
internal/sm2ec/fiat
kdf
padding
pkcs
pkcs7
pkcs8
sm2
sm2/sm2ec
sm3
sm4
sm9 Package sm9 implements ShangMi(SM) sm9 digital signature, encryption and key exchange algorithms.	Package sm9 implements ShangMi(SM) sm9 digital signature, encryption and key exchange algorithms.
sm9/bn256 Package bn256 defines/implements ShangMi(SM) sm9's curves and pairing.	Package bn256 defines/implements ShangMi(SM) sm9's curves and pairing.
smx509 Package smx509 implements a subset of the X.509 standard.	Package smx509 implements a subset of the X.509 standard.
smx509/internal/macos Package macOS provides cgo-less wrappers for Core Foundation and Security.framework, similarly to how package syscall provides access to libSystem.dylib.	Package macOS provides cgo-less wrappers for Core Foundation and Security.framework, similarly to how package syscall provides access to libSystem.dylib.
tlcp

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL