Versions in this module Expand all Collapse all v0 v0.0.3 Feb 27, 2017 v0.0.2 Feb 25, 2017 Changes in this version + var ExtendedValidationOIDs = map[string]interface + var OrganizationValidationOIDs = map[string]interface + func AddDSAPublicKeyToKeyMap(keyMap map[string]interface{}, key *dsa.PublicKey) + func AddECDSAPublicKeyToKeyMap(keyMap map[string]interface{}, key *ecdsa.PublicKey) + type AugmentedECDSA struct + Pub *ecdsa.PublicKey + Raw asn1.BitString type CertPool + func SystemCertPool() (*CertPool, error) + type CertValidationLevel int + const DV + const EV + const OV + func (c *CertValidationLevel) MarshalJSON() ([]byte, error) + func (i CertValidationLevel) String() string type Certificate + DirectoryNames []pkix.Name + EDIPartyNames []pkix.EDIPartyName + ExcludedDNSDomains []GeneralSubtreeString + ExcludedDirectoryNames []GeneralSubtreeName + ExcludedEdiPartyNames []GeneralSubtreeEdi + ExcludedEmailDomains []GeneralSubtreeString + ExcludedIPAddresses []GeneralSubtreeIP + ExcludedRegisteredIDs []GeneralSubtreeOid + ExcludedX400Addresses []GeneralSubtreeRaw + ExplicitTexts [][]asn1.RawValue + FingerprintNoCT CertificateFingerprint + IANDNSNames []string + IANDirectoryNames []pkix.Name + IANEDIPartyNames []pkix.EDIPartyName + IANEmailAddresses []string + IANIPAddresses []net.IP + IANOtherNames []pkix.OtherName + IANRegisteredIDs []asn1.ObjectIdentifier + IANURIs []string + IsPrecert bool + IssuerUniqueId asn1.BitString + NameConstraintsCritical bool + NoticeRefNumbers [][]NoticeNumber + NoticeRefOrgnization [][]asn1.RawValue + OtherNames []pkix.OtherName + PermittedDirectoryNames []GeneralSubtreeName + PermittedEdiPartyNames []GeneralSubtreeEdi + PermittedEmailDomains []GeneralSubtreeString + PermittedIPAddresses []GeneralSubtreeIP + PermittedRegisteredIDs []GeneralSubtreeOid + PermittedX400Addresses []GeneralSubtreeRaw + QualifierId [][]asn1.ObjectIdentifier + RegisteredIDs []asn1.ObjectIdentifier + SPKIFingerprint CertificateFingerprint + SPKISubjectFingerprint CertificateFingerprint + SignedCertificateTimestampList []*ct.SignedCertificateTimestamp + SubjectUniqueId asn1.BitString + TBSCertificateFingerprint CertificateFingerprint + URIs []string + UnhandledCriticalExtensions []asn1.ObjectIdentifier + ValidationLevel CertValidationLevel + ValidityPeriod int + func (c *Certificate) ValidateWithStupidDetail(opts VerifyOptions) (chains [][]*Certificate, validation *Validation, err error) type CertificateExtensions + AuthKeyID SubjAuthKeyId + IsPrecert IsPrecert + IssuerAltName *GeneralNames + NameConstraints *NameConstraints + SignedCertificateTimestampList []*ct.SignedCertificateTimestamp + SubjectKeyID SubjAuthKeyId + type GeneralNames struct + DNSNames []string + DirectoryNames []pkix.Name + EDIPartyNames []pkix.EDIPartyName + EmailAddresses []string + IPAddresses []net.IP + OtherNames []pkix.OtherName + RegisteredIDs []asn1.ObjectIdentifier + URIs []string + func (gn *GeneralNames) MarshalJSON() ([]byte, error) + func (gn *GeneralNames) UnmarshalJSON(b []byte) error + type GeneralSubtreeEdi struct + Data pkix.EDIPartyName + Max int + Min int + type GeneralSubtreeIP struct + Data net.IPNet + Max int + Min int + type GeneralSubtreeName struct + Data pkix.Name + Max int + Min int + type GeneralSubtreeOid struct + Data asn1.ObjectIdentifier + Max int + Min int + type GeneralSubtreeRaw struct + Data asn1.RawValue + Max int + Min int + type GeneralSubtreeString struct + Data string + Max int + Min int type InvalidReason + const CANotAuthorizedForThisDirectory + const CANotAuthorizedForThisEmail + const CANotAuthorizedForThisIP + type IsPrecert bool type KeyUsage + func (k *KeyUsage) UnmarshalJSON(b []byte) error + type NameConstraints struct + Critical bool + ExcludedDNSDomains []GeneralSubtreeString + ExcludedDirectoryNames []GeneralSubtreeName + ExcludedEdiPartyNames []GeneralSubtreeEdi + ExcludedEmailDomains []GeneralSubtreeString + ExcludedIPAddresses []GeneralSubtreeIP + ExcludedRegisteredIDs []GeneralSubtreeOid + PermittedDNSDomains []GeneralSubtreeString + PermittedDirectoryNames []GeneralSubtreeName + PermittedEdiPartyNames []GeneralSubtreeEdi + PermittedEmailDomains []GeneralSubtreeString + PermittedIPAddresses []GeneralSubtreeIP + PermittedRegisteredIDs []GeneralSubtreeOid + func (nc *NameConstraints) UnmarshalJSON(b []byte) error + func (nc NameConstraints) MarshalJSON() ([]byte, error) + type NameConstraintsJSON struct + Critical bool + ExcludedDNSDomains []string + ExcludedDirectoryNames []pkix.Name + ExcludedEdiPartyNames []pkix.EDIPartyName + ExcludedEmailDomains []string + ExcludedIPAddresses []string + ExcludedRegisteredIDs []string + PermittedDNSDomains []string + PermittedDirectoryNames []pkix.Name + PermittedEdiPartyNames []pkix.EDIPartyName + PermittedEmailDomains []string + PermittedIPAddresses []string + PermittedRegisteredIDs []string + type NoticeNumber []int type PublicKeyAlgorithm + func (p *PublicKeyAlgorithm) UnmarshalJSON(b []byte) error type SignatureAlgorithm + func (s *SignatureAlgorithm) UnmarshalJSON(b []byte) error + type SubjAuthKeyId []byte + func (kid SubjAuthKeyId) MarshalJSON() ([]byte, error) + type UnknownCertificateExtensions []pkix.Extension + type Validation struct + BrowserError string + BrowserTrusted bool + Domain string + MatchesDomain bool type VerifyOptions + EmailAddress string + IPAddress net.IP v0.0.1 May 17, 2015 Changes in this version + var ErrUnsupportedAlgorithm = errors.New("x509: cannot verify signature: algorithm unimplemented") + var IncorrectPasswordError = errors.New("x509: decryption password incorrect") + func CreateCertificate(rand io.Reader, template, parent *Certificate, pub interface{}, ...) (cert []byte, err error) + func CreateCertificateRequest(rand io.Reader, template *CertificateRequest, priv interface{}) (csr []byte, err error) + func DecryptPEMBlock(b *pem.Block, password []byte) ([]byte, error) + func EncryptPEMBlock(rand io.Reader, blockType string, data, password []byte, alg PEMCipher) (*pem.Block, error) + func IsEncryptedPEMBlock(b *pem.Block) bool + func MarshalECPrivateKey(key *ecdsa.PrivateKey) ([]byte, error) + func MarshalPKCS1PrivateKey(key *rsa.PrivateKey) []byte + func MarshalPKIXPublicKey(pub interface{}) ([]byte, error) + func ParseCRL(crlBytes []byte) (certList *pkix.CertificateList, err error) + func ParseDERCRL(derBytes []byte) (certList *pkix.CertificateList, err error) + func ParseECPrivateKey(der []byte) (key *ecdsa.PrivateKey, err error) + func ParsePKCS1PrivateKey(der []byte) (key *rsa.PrivateKey, err error) + func ParsePKCS8PrivateKey(der []byte) (key interface{}, err error) + func ParsePKIXPublicKey(derBytes []byte) (pub interface{}, err error) + type AuthKeyId []byte + func (akid AuthKeyId) MarshalJSON() ([]byte, error) + type AuthorityInfoAccess struct + IssuingCertificateURL []string + OCSPServer []string + type BasicConstraints struct + IsCA bool + MaxPathLen *int + type CRLDistributionPoints []string + type CertPool struct + func NewCertPool() *CertPool + func (s *CertPool) AddCert(cert *Certificate) + func (s *CertPool) AppendCertsFromPEM(pemCerts []byte) (ok bool) + func (s *CertPool) Subjects() (res [][]byte) + type Certificate struct + AuthorityKeyId []byte + BasicConstraintsValid bool + CRLDistributionPoints []string + DNSNames []string + EmailAddresses []string + ExtKeyUsage []ExtKeyUsage + Extensions []pkix.Extension + ExtraExtensions []pkix.Extension + FingerprintMD5 CertificateFingerprint + FingerprintSHA1 CertificateFingerprint + FingerprintSHA256 CertificateFingerprint + IPAddresses []net.IP + IsCA bool + Issuer pkix.Name + IssuingCertificateURL []string + KeyUsage KeyUsage + MaxPathLen int + MaxPathLenZero bool + NotAfter time.Time + NotBefore time.Time + OCSPServer []string + PermittedDNSDomains []string + PermittedDNSDomainsCritical bool + PolicyIdentifiers []asn1.ObjectIdentifier + PublicKey interface{} + PublicKeyAlgorithm PublicKeyAlgorithm + PublicKeyAlgorithmOID asn1.ObjectIdentifier + Raw []byte + RawIssuer []byte + RawSubject []byte + RawSubjectPublicKeyInfo []byte + RawTBSCertificate []byte + SerialNumber *big.Int + Signature []byte + SignatureAlgorithm SignatureAlgorithm + SignatureAlgorithmOID asn1.ObjectIdentifier + Subject pkix.Name + SubjectKeyId []byte + UnknownExtKeyUsage []asn1.ObjectIdentifier + Version int + func ParseCertificate(asn1Data []byte) (*Certificate, error) + func ParseCertificates(asn1Data []byte) ([]*Certificate, error) + func (c *Certificate) CheckCRLSignature(crl *pkix.CertificateList) (err error) + func (c *Certificate) CheckSignature(algo SignatureAlgorithm, signed, signature []byte) (err error) + func (c *Certificate) CheckSignatureFrom(parent *Certificate) (err error) + func (c *Certificate) CreateCRL(rand io.Reader, priv interface{}, revokedCerts []pkix.RevokedCertificate, ...) (crlBytes []byte, err error) + func (c *Certificate) Equal(other *Certificate) bool + func (c *Certificate) MarshalJSON() ([]byte, error) + func (c *Certificate) PublicKeyAlgorithmName() string + func (c *Certificate) SignatureAlgorithmName() string + func (c *Certificate) Verify(opts VerifyOptions) (chains [][]*Certificate, err error) + func (c *Certificate) VerifyHostname(h string) error + type CertificateExtensions struct + AuthKeyId AuthKeyId + AuthorityInfoAccess *AuthorityInfoAccess + BasicConstraints *BasicConstraints + CRLDistributionPoints CRLDistributionPoints + CertificatePolicies CertificatePolicies + ExtendedKeyUsage ExtendedKeyUsage + KeyUsage KeyUsage + NameConstriants *NameConstriants + SubjectAltName *SubjectAltName + UnknownExtensions []pkix.Extension + func (ce *CertificateExtensions) MarshalJSON() ([]byte, error) + type CertificateFingerprint []byte + func MD5Fingerprint(data []byte) CertificateFingerprint + func SHA1Fingerprint(data []byte) CertificateFingerprint + func SHA256Fingerprint(data []byte) CertificateFingerprint + func SHA512Fingerprint(data []byte) CertificateFingerprint + func (f *CertificateFingerprint) Hex() string + func (f *CertificateFingerprint) MarshalJSON() ([]byte, error) + type CertificateInvalidError struct + Cert *Certificate + Reason InvalidReason + func (e CertificateInvalidError) Error() string + type CertificatePolicies []asn1.ObjectIdentifier + func (cp CertificatePolicies) MarshalJSON() ([]byte, error) + type CertificateRequest struct + Attributes []pkix.AttributeTypeAndValueSET + DNSNames []string + EmailAddresses []string + Extensions []pkix.Extension + ExtraExtensions []pkix.Extension + IPAddresses []net.IP + PublicKey interface{} + PublicKeyAlgorithm PublicKeyAlgorithm + Raw []byte + RawSubject []byte + RawSubjectPublicKeyInfo []byte + RawTBSCertificateRequest []byte + Signature []byte + SignatureAlgorithm SignatureAlgorithm + Subject pkix.Name + Version int + func ParseCertificateRequest(asn1Data []byte) (*CertificateRequest, error) + type ConstraintViolationError struct + func (ConstraintViolationError) Error() string + type ExtKeyUsage int + const ExtKeyUsageAny + const ExtKeyUsageClientAuth + const ExtKeyUsageCodeSigning + const ExtKeyUsageEmailProtection + const ExtKeyUsageIPSECEndSystem + const ExtKeyUsageIPSECTunnel + const ExtKeyUsageIPSECUser + const ExtKeyUsageMicrosoftServerGatedCrypto + const ExtKeyUsageNetscapeServerGatedCrypto + const ExtKeyUsageOCSPSigning + const ExtKeyUsageServerAuth + const ExtKeyUsageTimeStamping + type ExtendedKeyUsage []ExtKeyUsage + type HostnameError struct + Certificate *Certificate + Host string + func (h HostnameError) Error() string + type InvalidReason int + const CANotAuthorizedForThisName + const Expired + const IncompatibleUsage + const NotAuthorizedToSign + const TooManyIntermediates + type KeyUsage int + const KeyUsageCRLSign + const KeyUsageCertSign + const KeyUsageContentCommitment + const KeyUsageDataEncipherment + const KeyUsageDecipherOnly + const KeyUsageDigitalSignature + const KeyUsageEncipherOnly + const KeyUsageKeyAgreement + const KeyUsageKeyEncipherment + func (k KeyUsage) MarshalJSON() ([]byte, error) + type NameConstriants struct + Critical bool + PermittedNames []string + type PEMCipher int + const PEMCipher3DES + const PEMCipherAES128 + const PEMCipherAES192 + const PEMCipherAES256 + const PEMCipherDES + type PublicKeyAlgorithm int + const DSA + const ECDSA + const RSA + const UnknownPublicKeyAlgorithm + func (p PublicKeyAlgorithm) MarshalJSON() ([]byte, error) + func (p PublicKeyAlgorithm) String() string + type SignatureAlgorithm int + const DSAWithSHA1 + const DSAWithSHA256 + const ECDSAWithSHA1 + const ECDSAWithSHA256 + const ECDSAWithSHA384 + const ECDSAWithSHA512 + const MD2WithRSA + const MD5WithRSA + const SHA1WithRSA + const SHA256WithRSA + const SHA384WithRSA + const SHA512WithRSA + const UnknownSignatureAlgorithm + func (s SignatureAlgorithm) MarshalJSON() ([]byte, error) + func (s SignatureAlgorithm) String() string + type SignatureAlgorithmOID asn1.ObjectIdentifier + type SubjectAltName struct + DNSNames []string + EmailAddresses []string + IPAddresses []net.IP + type SystemRootsError struct + func (SystemRootsError) Error() string + type UnhandledCriticalExtension struct + func (h UnhandledCriticalExtension) Error() string + type UnknownAuthorityError struct + func (e UnknownAuthorityError) Error() string + type VerifyOptions struct + CurrentTime time.Time + DNSName string + Intermediates *CertPool + KeyUsages []ExtKeyUsage + Roots *CertPool