tls

package

v0.0.0-...-434f714 Latest Latest Go to latest Published: Jun 25, 2024 License: MIT Imports: 19 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/cisco-open/camblet

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func CreateCACertificate(opts CertificateOptions, parent *x509.Certificate, priv any) (*X509Certificate, *PrivateKey, error)
func CreateSelfSignedCACertificate(opts CertificateOptions) (*X509Certificate, *PrivateKey, error)
type CertificateAuthority
- func NewCertificateAuthority(opts ...CertificateAuthorityOption) (CertificateAuthority, error)
type CertificateAuthorityOption
- func CertificateAuthorityWithPEM(pem []byte) CertificateAuthorityOption
- func CertificateAuthorityWithPEMFile(pemFile string) CertificateAuthorityOption
type CertificateCommon
type CertificateOptions
type Container
- func ParsePEM(block *pem.Block) (*Container, error)
- func ParsePEMFromFile(pemFileName ...string) ([]*Container, error)
- func ParsePEMs(content []byte) ([]*Container, error)
- func (c *Container) GetPrivateKey() *PrivateKey
- func (c *Container) GetPublicKey() *PublicKey
- func (c *Container) GetX509Certificate() *X509Certificate
- func (c *Container) GetX509CertificateRequest() *X509CertificateRequest
type ContainerType
type PrivateKey
- func ParseX509PrivateKey(der []byte) (*PrivateKey, error)
- func (c PrivateKey) GetPEM() []byte
type PublicKey
- func ParseX509PublicKey(der []byte) (*PublicKey, error)
- func (c PublicKey) GetPEM() []byte
type SupportedPEMType
type X509Certificate
- func ConvertX509Certificate(x509cert *x509.Certificate) (*X509Certificate, error)
- func ParseX509CertificateFromDER(der []byte) (*X509Certificate, error)
- func (c X509Certificate) GetPEM() []byte
type X509CertificateRequest
- func ConvertX509CertificateRequest(x509req *x509.CertificateRequest) (*X509CertificateRequest, error)
- func ParseX509CertificateRequestFromDER(der []byte) (*X509CertificateRequest, error)
- func (c X509CertificateRequest) GetPEM() []byte
type X509CertificateType

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	DefaultCACertificateTTL   = 3650 * 24 * time.Hour
	DefaultCertificateKeySize = 2048
	DefaultLeafCerticiateTTL  = 24 * time.Hour

	ErrMissingSigningCertificate = errors.Sentinel("signing certificate is not specfied")
	ErrMissingCAPrivateKey       = errors.Sentinel("missing CA private key")
	ErrMissingCACertificate      = errors.Sentinel("missing CA certificate")
)

Functions ¶

func CreateCACertificate ¶

func CreateCACertificate(opts CertificateOptions, parent *x509.Certificate, priv any) (*X509Certificate, *PrivateKey, error)

func CreateSelfSignedCACertificate ¶

func CreateSelfSignedCACertificate(opts CertificateOptions) (*X509Certificate, *PrivateKey, error)

Types ¶

type CertificateAuthority ¶

type CertificateAuthority interface {
	SignCertificateRequest(req *x509.CertificateRequest, ttl time.Duration) (cert *X509Certificate, chain []*X509Certificate, err error)
	CreateIntermediate(opts CertificateOptions) (cert *X509Certificate, pkey *PrivateKey, chain []*X509Certificate, err error)
	GetTrustAnchor() (cert *X509Certificate)
}

func NewCertificateAuthority ¶

func NewCertificateAuthority(opts ...CertificateAuthorityOption) (CertificateAuthority, error)

type CertificateAuthorityOption ¶

type CertificateAuthorityOption func(*ca)

func CertificateAuthorityWithPEM ¶

func CertificateAuthorityWithPEM(pem []byte) CertificateAuthorityOption

func CertificateAuthorityWithPEMFile ¶

func CertificateAuthorityWithPEMFile(pemFile string) CertificateAuthorityOption

type CertificateCommon ¶

type CertificateCommon struct {
	PublicKey *PublicKey `json:"publicKey,omitempty"`

	SerialNumber  string     `json:"serialNumber,omitempty"`
	NotBefore     *time.Time `json:"notBefore,omitempty"`
	NotAfter      *time.Time `json:"notAfter,omitempty"`
	NotBeforeUnix uint64     `json:"notBeforeUnix,omitempty"`
	NotAfterUnix  uint64     `json:"notAfterUnix,omitempty"`

	Subject string `json:"subject,omitempty"`
	Issuer  string `json:"issuer,omitempty"`

	DNSNames       []string `json:"dnsNames,omitempty"`
	EmailAddresses []string `json:"emailAddresses,omitempty"`
	IPAddresses    []string `json:"ipAddresses,omitempty"`
	URIs           []string `json:"urIs,omitempty"`

	Signature          []byte `json:"signature,omitempty"`
	SignatureAlgorithm string `json:"signatureAlgorithm,omitempty"`

	Raw        []byte `json:"raw,omitempty"`
	RawSubject []byte `json:"rawSubject,omitempty"`
	RawIssuer  []byte `json:"rawIssuer,omitempty"`
}

type CertificateOptions ¶

type CertificateOptions struct {
	Subject        pkix.Name
	TTL            time.Duration
	KeySize        int
	DNSNames       []string
	EmailAddresses []string
	IPAddresses    []net.IP
	URIs           []*url.URL
}

type Container ¶

type Container struct {
	Type   ContainerType `json:"type,omitempty"`
	Object any           `json:"object,omitempty"`
}

func ParsePEM ¶

func ParsePEM(block *pem.Block) (*Container, error)

func ParsePEMFromFile ¶

func ParsePEMFromFile(pemFileName ...string) ([]*Container, error)

func ParsePEMs ¶

func ParsePEMs(content []byte) ([]*Container, error)

func (*Container) GetPrivateKey ¶

func (c *Container) GetPrivateKey() *PrivateKey

func (*Container) GetPublicKey ¶

func (c *Container) GetPublicKey() *PublicKey

func (*Container) GetX509Certificate ¶

func (c *Container) GetX509Certificate() *X509Certificate

func (*Container) GetX509CertificateRequest ¶

func (c *Container) GetX509CertificateRequest() *X509CertificateRequest

type ContainerType ¶

type ContainerType string

const (
	X509CertificateContainerType        ContainerType = "X509Certificate"
	X509CertificateRequestContainerType ContainerType = "X509CertificateRequest"
	PublicKeyContainerType              ContainerType = "PublicKey"
	PrivateKeyContainerType             ContainerType = "PrivateKey"
)

type PrivateKey ¶

type PrivateKey struct {
	Type string `json:"type,omitempty"`
	Size int    `json:"size,omitempty"`

	RSA_P  []byte `json:"RSA_P,omitempty"`
	RSA_Q  []byte `json:"RSA_Q,omitempty"`
	RSA_DP []byte `json:"RSA_DP,omitempty"`
	RSA_DQ []byte `json:"RSA_DQ,omitempty"`
	RSA_IQ []byte `json:"RSA_IQ,omitempty"`

	Curve string `json:"curve,omitempty"`
	EC_D  []byte `json:"EC_D,omitempty"`

	PublicKey *PublicKey `json:"publicKey,omitempty"`

	Raw []byte `json:"raw,omitempty"`
	Key any    `json:"-"`
}

func ParseX509PrivateKey ¶

func ParseX509PrivateKey(der []byte) (*PrivateKey, error)

func (PrivateKey) GetPEM ¶

func (c PrivateKey) GetPEM() []byte

type PublicKey ¶

type PublicKey struct {
	Type    string `json:"type,omitempty"`
	BitSize int32  `json:"bitSize,omitempty"`

	RSA_N []byte `json:"RSA_N,omitempty"`
	RSA_E []byte `json:"RSA_E,omitempty"`

	Curve string `json:"curve,omitempty"`
	EC_Q  []byte `json:"EC_Q,omitempty"`

	Raw []byte `json:"raw,omitempty"`
	Key any    `json:"-"`
}

func ParseX509PublicKey ¶

func ParseX509PublicKey(der []byte) (*PublicKey, error)

func (PublicKey) GetPEM ¶

func (c PublicKey) GetPEM() []byte

type SupportedPEMType ¶

type SupportedPEMType string

const (
	CertificateRequestSupportedPEMType SupportedPEMType = "CERTIFICATE REQUEST"
	CertificateSupportedPEMType        SupportedPEMType = "CERTIFICATE"
	PublicKeySupportedPEMType          SupportedPEMType = "PUBLIC KEY"
	PrivateKeySupportedPEMType         SupportedPEMType = "PRIVATE KEY"
	RSAPrivateKeySupportedPEMType      SupportedPEMType = "RSA PRIVATE KEY"
	ECPrivateKeySupportedPEMType       SupportedPEMType = "EC PRIVATE KEY"
)

type X509Certificate ¶

type X509Certificate struct {
	*CertificateCommon `json:",inline"`
	Type               X509CertificateType `json:"type,omitempty"`

	Certificate *x509.Certificate `json:"-"`
}

func ConvertX509Certificate ¶

func ConvertX509Certificate(x509cert *x509.Certificate) (*X509Certificate, error)

func ParseX509CertificateFromDER ¶

func ParseX509CertificateFromDER(der []byte) (*X509Certificate, error)

func (X509Certificate) GetPEM ¶

func (c X509Certificate) GetPEM() []byte

type X509CertificateRequest ¶

type X509CertificateRequest struct {
	*CertificateCommon `json:",inline"`

	CertificateRequest *x509.CertificateRequest `json:"-"`
}

func ConvertX509CertificateRequest ¶

func ConvertX509CertificateRequest(x509req *x509.CertificateRequest) (*X509CertificateRequest, error)

func ParseX509CertificateRequestFromDER ¶

func ParseX509CertificateRequestFromDER(der []byte) (*X509CertificateRequest, error)

func (X509CertificateRequest) GetPEM ¶

func (c X509CertificateRequest) GetPEM() []byte

type X509CertificateType ¶

type X509CertificateType string

const (
	RootCAX509CertificateType         X509CertificateType = "ROOT CA"
	IntermediateCAX509CertificateType X509CertificateType = "INTERMEDIATE CA"
	LeafX509CertificateType           X509CertificateType = "LEAF CERTIFICATE"
)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL