Documentation ¶
Index ¶
- Constants
- Variables
- func CertToPEM(cert *x509.Certificate) []byte
- func CheckCertificate(cert *x509.Certificate, key crypto.PrivateKey) error
- func LoadCertificateFromFile(fileName string) ([]*x509.Certificate, error)
- func LoadPrivateKeyFromFile(fileName string) (crypto.PrivateKey, error)
- func PEMToX509Cert(data []byte) (certs []*x509.Certificate, err error)
- func PEMToX509Key(data []byte) (key crypto.PrivateKey, err error)
- func PEMToX509PrivateKey(data []byte) (key crypto.PrivateKey, err error)
- func ParsePKCS11URL(pkcs11URL string) (library, token, userPIN string, label, id []byte, err error)
- func PrivateKeyToPEM(key crypto.PrivateKey) ([]byte, error)
- func SaveCertificateToFile(fileName string, certs []*x509.Certificate) error
- func SavePrivateKeyToFile(fileName string, key crypto.PrivateKey) error
- type CryptoContext
- func (cryptoContext *CryptoContext) Close() (err error)
- func (cryptoContext *CryptoContext) GetCACertPool() *x509.CertPool
- func (cryptoContext *CryptoContext) GetClientMutualTLSConfig(certURLStr, keyURLStr string) (*tls.Config, error)
- func (cryptoContext *CryptoContext) GetClientTLSConfig() (*tls.Config, error)
- func (cryptoContext *CryptoContext) GetServerMutualTLSConfig(certURLStr, keyURLStr string) (*tls.Config, error)
- func (cryptoContext *CryptoContext) GetServerTLSConfig(certURLStr, keyURLStr string) (*tls.Config, error)
- func (cryptoContext *CryptoContext) LoadCertificateByURL(certURLStr string) ([]*x509.Certificate, error)
- func (cryptoContext *CryptoContext) LoadPrivateKeyByURL(keyURLStr string) (privKey crypto.PrivateKey, supportPKCS1v15SessionKey bool, err error)
Constants ¶
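// PEM block types: the type labels that appear in the
// "-----BEGIN <label>-----" / "-----END <label>-----" lines of PEM data.
const (
	// PEMBlockRSAPrivateKey is the label conventionally used for a
	// PKCS #1 RSA private key.
	PEMBlockRSAPrivateKey = "RSA PRIVATE KEY"
	// PEMBlockECPrivateKey is the label conventionally used for a
	// SEC 1 elliptic-curve private key.
	PEMBlockECPrivateKey = "EC PRIVATE KEY"
	// PEMBlockCertificate is the label of an X.509 certificate.
	PEMBlockCertificate = "CERTIFICATE"
	// PEMBlockCertificateRequest is the label of a PKCS #10
	// certificate signing request.
	PEMBlockCertificateRequest = "CERTIFICATE REQUEST"
)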
PEM block types.
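// Crypto algorithm identifiers.
const (
	// AlgRSA identifies RSA.
	AlgRSA = "rsa"
	// AlgECC identifies elliptic-curve cryptography.
	AlgECC = "ecc"
)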
Crypto algorithms.
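// URL schemes.
//
// NOTE(review): presumably these are the schemes accepted by
// LoadCertificateByURL and LoadPrivateKeyByURL; confirm against the
// implementation.
const (
	// SchemeFile is the "file" URL scheme.
	SchemeFile = "file"
	// SchemeTPM is the "tpm" URL scheme.
	SchemeTPM = "tpm"
	// SchemePKCS11 is the "pkcs11" URL scheme.
	SchemePKCS11 = "pkcs11"
)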
URL schemes.
// PEMExt is the PEM format file extension, written without a leading dot.
const (
	PEMExt = "pem"
)
PEMExt is the PEM format file extension.
Variables ¶
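// Package-level defaults applied when a URL does not name the device or
// library itself.
//
// NOTE(review): both are mutable package state, so whatever code assigns
// them decides which TPM device and PKCS#11 library are used by default.
// Set them once at start-up from trusted configuration; concurrent
// reassignment is presumably not synchronised (confirm).
var (
	// DefaultTPMDevice used if not specified in the URL.
	DefaultTPMDevice io.ReadWriteCloser
	// DefaultPKCS11Library used if not specified in the URL.
	DefaultPKCS11Library string
)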
Functions ¶
func CertToPEM ¶
func CertToPEM(cert *x509.Certificate) []byte
CertToPEM is a utility function that returns the PEM encoding of an x509 certificate.
func CheckCertificate ¶
func CheckCertificate(cert *x509.Certificate, key crypto.PrivateKey) error
CheckCertificate checks whether the certificate matches the private key.
func LoadCertificateFromFile ¶
func LoadCertificateFromFile(fileName string) ([]*x509.Certificate, error)
LoadCertificateFromFile loads certificate from file.
func LoadPrivateKeyFromFile ¶
func LoadPrivateKeyFromFile(fileName string) (crypto.PrivateKey, error)
LoadPrivateKeyFromFile loads private key from file.
func PEMToX509Cert ¶
func PEMToX509Cert(data []byte) (certs []*x509.Certificate, err error)
PEMToX509Cert parses PEM data to x509 certificate structures.
func PEMToX509Key ¶
func PEMToX509Key(data []byte) (key crypto.PrivateKey, err error)
PEMToX509Key parses PEM data to x509 key structures.
func PEMToX509PrivateKey ¶
func PEMToX509PrivateKey(data []byte) (key crypto.PrivateKey, err error)
PEMToX509PrivateKey parses PEM data to x509 private key structures.
func ParsePKCS11URL ¶
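ParsePKCS11URL extracts the library, token, user PIN, label and id from a PKCS#11 URL. The user PIN is a secret carried in the URL itself, so treat both the URL and the returned userPIN as sensitive and keep them out of logs and error messages.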
func PrivateKeyToPEM ¶
func PrivateKeyToPEM(key crypto.PrivateKey) ([]byte, error)
PrivateKeyToPEM converts private key to PEM format.
func SaveCertificateToFile ¶
func SaveCertificateToFile(fileName string, certs []*x509.Certificate) error
SaveCertificateToFile saves certificate to file.
func SavePrivateKeyToFile ¶
func SavePrivateKeyToFile(fileName string, key crypto.PrivateKey) error
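SavePrivateKeyToFile saves the private key to a file. This page does not state the permissions of the written file or whether the key is encrypted at rest; verify both before using it to store key material.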
Types ¶
type CryptoContext ¶
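CryptoContext is the crypto context: it exposes a CA certificate pool, builds TLS configurations, and loads certificates and private keys by URL.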
func NewCryptoContext ¶
func NewCryptoContext(rootCA string) (cryptoContext *CryptoContext, err error)
NewCryptoContext creates a new crypto context.
func (*CryptoContext) Close ¶
func (cryptoContext *CryptoContext) Close() (err error)
Close closes crypto context.
func (*CryptoContext) GetCACertPool ¶
func (cryptoContext *CryptoContext) GetCACertPool() *x509.CertPool
GetCACertPool returns the crypto context's CA certificate pool.
func (*CryptoContext) GetClientMutualTLSConfig ¶
func (cryptoContext *CryptoContext) GetClientMutualTLSConfig(certURLStr, keyURLStr string) (*tls.Config, error)
GetClientMutualTLSConfig returns the client mutual TLS (mTLS) configuration.
func (*CryptoContext) GetClientTLSConfig ¶
func (cryptoContext *CryptoContext) GetClientTLSConfig() (*tls.Config, error)
GetClientTLSConfig returns the client TLS configuration.
func (*CryptoContext) GetServerMutualTLSConfig ¶
func (cryptoContext *CryptoContext) GetServerMutualTLSConfig(certURLStr, keyURLStr string) (*tls.Config, error)
GetServerMutualTLSConfig returns server mutual TLS configuration.
func (*CryptoContext) GetServerTLSConfig ¶
func (cryptoContext *CryptoContext) GetServerTLSConfig(certURLStr, keyURLStr string) (*tls.Config, error)
GetServerTLSConfig returns server TLS configuration.
func (*CryptoContext) LoadCertificateByURL ¶
func (cryptoContext *CryptoContext) LoadCertificateByURL(certURLStr string) ([]*x509.Certificate, error)
LoadCertificateByURL loads certificate by URL.
func (*CryptoContext) LoadPrivateKeyByURL ¶
func (cryptoContext *CryptoContext) LoadPrivateKeyByURL(keyURLStr string) (privKey crypto.PrivateKey, supportPKCS1v15SessionKey bool, err error, )
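LoadPrivateKeyByURL loads a private key by URL. The second result, supportPKCS1v15SessionKey, is not described on this page; going by its name it presumably reports whether the loaded key supports PKCS #1 v1.5 session-key decryption. Confirm this against the implementation before relying on it.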