certloader

package
v7.0.1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 3, 2018 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var ErrNoCerts = errNoCerts{}

Functions

func ParseAnyPrivateKey

func ParseAnyPrivateKey(blob []byte, prompt passprompt.PasswordGetter) (crypto.PrivateKey, error)

Parse and decrypt a private key. It can be a RSA or ECDA key in PKCS#1 or PKCS#8 format and DER or PEM encoding, or it can be a PGP private key. If the private key is encrypted then the given prompter will be invoked to ask for the passphrase, if provided.

func ParseX509Certificates

func ParseX509Certificates(blob []byte) ([]*x509.Certificate, error)

ParseX509Certificates parses a blob in PEM or DER, X509 or PKCS#7 format and returns a list of certificates

Types

type AnyCerts

type AnyCerts struct {
	X509Certs []*x509.Certificate
	PGPCerts  openpgp.EntityList
}

func LoadAnyCerts

func LoadAnyCerts(paths []string) (any AnyCerts, err error)

Load X509 and/or PGP certificates from the named file paths

type Certificate

type Certificate struct {
	Leaf         *x509.Certificate
	Certificates []*x509.Certificate
	PgpKey       *openpgp.Entity
	PrivateKey   crypto.PrivateKey
	Timestamper  pkcs9.Timestamper
	KeyName      string
}

A bundle of X509 certificate chain and/or PGP certificate, with optional private key

func LoadTokenCertificates

func LoadTokenCertificates(key crypto.PrivateKey, x509cert, pgpcert string) (*Certificate, error)

Load X509 and/or PGP certificates from named paths and return a Certificate structure together with the given private key

func LoadX509KeyPair

func LoadX509KeyPair(certFile, keyFile string) (*Certificate, error)

Load a X509 private key and certificate

func ParsePKCS12

func ParsePKCS12(blob []byte, prompt passprompt.PasswordGetter) (*Certificate, error)

func (*Certificate) Chain

func (s *Certificate) Chain() []*x509.Certificate

Return the X509 certificates in the chain up to, but not including, the root CA certificate

func (*Certificate) Issuer

func (s *Certificate) Issuer() *x509.Certificate

Return the certificate that issued the leaf certificate

func (*Certificate) Signer

func (s *Certificate) Signer() crypto.Signer

Return the private key in the form of a crypto.Signer

func (*Certificate) TLS

func (s *Certificate) TLS() tls.Certificate

Return a tls.Certificate structure containing the X509 certificate chain and private key

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL