goodkey

package
v0.0.0-...-1dfffa3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 2, 2018 License: MPL-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type KeyPolicy 

type KeyPolicy struct {
	AllowRSA           bool // Whether RSA keys should be allowed.
	AllowECDSANISTP256 bool // Whether ECDSA NISTP256 keys should be allowed.
	AllowECDSANISTP384 bool // Whether ECDSA NISTP384 keys should be allowed.
	// contains filtered or unexported fields
}

KeyPolicy determines which types of key may be used with various boulder operations.

func NewKeyPolicy 

func NewKeyPolicy(weakKeyFile string) (KeyPolicy, error)

NewKeyPolicy returns a KeyPolicy that allows RSA, ECDSA256 and ECDSA384. weakKeyFile contains the path to a JSON file containing truncated modulus hashes of known weak RSA keys. If this argument is empty RSA modulus hash checking will be disabled.

func (*KeyPolicy) GoodKey 

func (policy *KeyPolicy) GoodKey(key crypto.PublicKey) error

GoodKey returns true if the key is acceptable for both TLS use and account key use (our requirements are the same for either one), according to basic strength and algorithm checking. TODO: Support JSONWebKeys once go-jose migration is done.

type WeakRSAKeys 

type WeakRSAKeys struct {
	// contains filtered or unexported fields
}

func LoadWeakRSASuffixes 

func LoadWeakRSASuffixes(path string) (*WeakRSAKeys, error)

func (*WeakRSAKeys) Known 

func (wk *WeakRSAKeys) Known(key *rsa.PublicKey) bool

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.