Documentation ¶
Index ¶
- Constants
- func ExtractDomains(cert *x509.Certificate) []string
- func ExtractDomainsCSR(csr *x509.CertificateRequest) []string
- func GenerateCSR(privateKey crypto.PrivateKey, domain string, san []string, mustStaple bool) ([]byte, error)
- func GeneratePemCert(privateKey *rsa.PrivateKey, domain string, extensions []pkix.Extension) ([]byte, error)
- func GeneratePrivateKey(keyType KeyType) (crypto.PrivateKey, error)
- func GetCSRMainDomain(cert *x509.CertificateRequest) (string, error)
- func GetCertificateMainDomain(cert *x509.Certificate) (string, error)
- func PEMBlock(data interface{}) *pem.Block
- func PEMEncode(data interface{}) []byte
- func ParsePEMBundle(bundle []byte) ([]*x509.Certificate, error)
- func ParsePEMCertificate(cert []byte) (*x509.Certificate, error)
- func ParsePEMPrivateKey(key []byte) (crypto.PrivateKey, error)
- func PemDecodeTox509CSR(data []byte) (*x509.CertificateRequest, error)
- type DERCertificateBytes
- type KeyType
Constants ¶
const ( EC256 = KeyType("P256") EC384 = KeyType("P384") RSA2048 = KeyType("2048") RSA3072 = KeyType("3072") RSA4096 = KeyType("4096") RSA8192 = KeyType("8192") )
Constants for all key types we support.
const ( // OCSPGood means that the certificate is valid. OCSPGood = ocsp.Good // OCSPRevoked means that the certificate has been deliberately revoked. OCSPRevoked = ocsp.Revoked // OCSPUnknown means that the OCSP responder doesn't know about the certificate. OCSPUnknown = ocsp.Unknown // OCSPServerFailed means that the OCSP responder failed to process the request. OCSPServerFailed = ocsp.ServerFailed )
Variables ¶
This section is empty.
Functions ¶
func ExtractDomains ¶
func ExtractDomains(cert *x509.Certificate) []string
func ExtractDomainsCSR ¶
func ExtractDomainsCSR(csr *x509.CertificateRequest) []string
func GenerateCSR ¶
func GeneratePemCert ¶
func GeneratePrivateKey ¶
func GeneratePrivateKey(keyType KeyType) (crypto.PrivateKey, error)
func GetCSRMainDomain ¶ added in v4.15.0
func GetCSRMainDomain(cert *x509.CertificateRequest) (string, error)
func GetCertificateMainDomain ¶ added in v4.15.0
func GetCertificateMainDomain(cert *x509.Certificate) (string, error)
func ParsePEMBundle ¶
func ParsePEMBundle(bundle []byte) ([]*x509.Certificate, error)
ParsePEMBundle parses a certificate bundle from top to bottom and returns a slice of x509 certificates. This function will error if no certificates are found.
func ParsePEMCertificate ¶
func ParsePEMCertificate(cert []byte) (*x509.Certificate, error)
ParsePEMCertificate returns Certificate from a PEM encoded certificate. The certificate has to be PEM encoded. Any other encodings like DER will fail.
func ParsePEMPrivateKey ¶
func ParsePEMPrivateKey(key []byte) (crypto.PrivateKey, error)
ParsePEMPrivateKey parses a private key from key, which is a PEM block. Borrowed from Go standard library, to handle various private key and PEM block types. https://github.com/golang/go/blob/693748e9fa385f1e2c3b91ca9acbb6c0ad2d133d/src/crypto/tls/tls.go#L291-L308 https://github.com/golang/go/blob/693748e9fa385f1e2c3b91ca9acbb6c0ad2d133d/src/crypto/tls/tls.go#L238
func PemDecodeTox509CSR ¶
func PemDecodeTox509CSR(data []byte) (*x509.CertificateRequest, error)
Types ¶
type DERCertificateBytes ¶
type DERCertificateBytes []byte