parlca

package
v0.4.188 Latest
Warning

This package is not in the latest version of its module.

Published: Jun 24, 2024 License: ISC Imports: 20 Imported by: 0

Documentation

Overview

Package parlca provides a self-signed certificate authority


Constants

const (
	/*
		NoPassword       PasswordType = "\tnoPassword"
		GeneratePassword PasswordType = "\tgeneratePassword"
		GenerateOnTheFly Strategy     = iota << 0
		UseFileSystem
		DefaultStrategy = GenerateOnTheFly
	*/
	DefaultCountry = "US" // certificate country: US

)

Variables

This section is empty.

Functions

func EnsureClient

func EnsureClient(cert *x509.Certificate)

EnsureClient ensures cert can be signed and used as a client certificate

func EnsureSelfSigned

func EnsureSelfSigned(cert *x509.Certificate)

EnsureSelfSigned ensures that cert can be used as self-signed certificate authority

func EnsureServer

func EnsureServer(cert *x509.Certificate)

EnsureServer ensures cert can be signed and used as a server certificate

func EnsureTemplate

func EnsureTemplate(cert *x509.Certificate)

EnsureTemplate ensures that cert can be signed

  • use as x509.CreateCertificate template argument
  • x509.Certificate.SerialNumber is non-nil. Default: a 128-bit uuid number in the 160-bit field. The certificate is uniquely identified by its serial number alone, a 39-digit decimal number. A uuid ensures that certificates signed by equally named but different certificate authorities are still unique
  • [x509.Certificate.Subject.CommonName] is non-empty. Default: short hostname
      — “c66” from “c66.example.com”
  • [x509.Certificate.Subject.Country] is non-empty. Default: “US”
  • x509.Certificate.NotBefore is non-zero. Default: today in UTC time zone at 0:0:0
  • x509.Certificate.NotAfter is non-zero. Default: NotBefore + 10 years - one minute
  • x509.Certificate.BasicConstraintsValid is true
  • certificate uniqueness is commonly (macOS):
      — certificate serial number
      — certificate issuer name, ie. certificate authority name
      — certificate type: X.509 Version 3
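The defaults listed above, applied to an otherwise empty CA template and exercised through x509.CreateCertificate, as an added example that uses only the Go standard library and is not parlca's code. The name selfSign, the hostname parameter, the IsCA and KeyUsageCertSign fields, and the use of 128 random bits in place of a uuid are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// selfSign (hypothetical, not parlca code) fills the listed defaults, then self-signs.
func selfSign(tmpl *x509.Certificate, hostname string) (*x509.Certificate, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err == nil && tmpl.SerialNumber == nil { // 128 random bits stand in for the uuid
		limit := new(big.Int).Lsh(big.NewInt(1), 128)
		tmpl.SerialNumber, err = rand.Int(rand.Reader, limit)
	}
	if err != nil {
		return nil, err
	}
	if tmpl.Subject.CommonName == "" { // "c66" from "c66.example.com"
		tmpl.Subject.CommonName, _, _ = strings.Cut(hostname, ".")
	}
	if len(tmpl.Subject.Country) == 0 {
		tmpl.Subject.Country = []string{"US"}
	}
	if tmpl.NotBefore.IsZero() { // today at 00:00:00 UTC
		y, m, d := time.Now().UTC().Date()
		tmpl.NotBefore = time.Date(y, m, d, 0, 0, 0, 0, time.UTC)
	}
	if tmpl.NotAfter.IsZero() { // NotBefore + 10 years - one minute
		tmpl.NotAfter = tmpl.NotBefore.AddDate(10, 0, 0).Add(-time.Minute)
	}
	tmpl.BasicConstraintsValid = true
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv) // parent == template
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func main() {
	ca := &x509.Certificate{IsCA: true, KeyUsage: x509.KeyUsageCertSign} // assumed CA fields
	if cert, err := selfSign(ca, "c66.example.com"); err == nil {
		fmt.Println(cert.Subject, cert.SerialNumber, cert.NotAfter)
	}
}
```

Values already set on the template are left untouched, so a caller can pin a shorter validity period or a fixed common name before signing.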

func LoadCertificate added in v0.4.28

func LoadCertificate(filename string)

221121 don’t know what this is. Make it compile

func LoadFromPem added in v0.4.27

func LoadFromPem(filename string, allowNotFound ...bool) (
	certificate parl.Certificate, privateKey parl.PrivateKey, publicKey parl.PublicKey,
	err error)

func LoadPrivateKeyFromDer added in v0.4.27

func LoadPrivateKeyFromDer(filename string, algo x509.PublicKeyAlgorithm, allowNotFound ...bool) (privateKey parl.PrivateKey, err error)

func NewCertificate added in v0.4.26

func NewCertificate(certificateDer parl.CertificateDer) (certificate parl.Certificate)

NewCertificate returns an object that can produce:

func NewEcdsa added in v0.4.26

func NewEcdsa() (privateKey parl.PrivateKey, err error)

func NewEd25519

func NewEd25519() (privateKey parl.PrivateKey, err error)

func NewPrivateKey added in v0.4.26

func NewPrivateKey(algo x509.PublicKeyAlgorithm) (privateKey parl.PrivateKey, err error)

func NewPrivateKey2 added in v0.4.27

func NewPrivateKey2(algo x509.PublicKeyAlgorithm, privateKeyDer parl.PrivateKeyDer) (privateKey parl.PrivateKey, err error)

func NewRsa added in v0.4.26

func NewRsa() (privateKey parl.PrivateKey, err error)

func NewRsaBits added in v0.4.26

func NewRsaBits(bits int) (privateKey parl.PrivateKey, err error)

func NewSelfSigned

func NewSelfSigned(canonicalName string, algo x509.PublicKeyAlgorithm) (ca parl.CertificateAuthority, err error)

NewSelfSigned creates a self-signed certificate authority

  • ca: a certificate with embedded private key
      — implementation is parlca.Certificate, ie. binary der format
  • canonicalName: 240623 not used
  • algo:
      — x509.Ed25519 smallest key size but as of 2024 not supported by browsers
      — x509.RSA the most commonly used algorithm for browsers
      — x509.ECDSA

func NewSelfSigned2 added in v0.4.27

func NewSelfSigned2(privateKey parl.PrivateKey, certificate parl.Certificate) (ca parl.CertificateAuthority)

func ParsePEM added in v0.4.27

func ParsePEM(pemData []byte) (certificate parl.Certificate, privateKey parl.PrivateKey, publicKey parl.PublicKey, err error)

ParsePEM reads the content in a pem-format byte sequence

  • pemData: text pem-format data byte-sequence
  • certificate: non-nil if the first pem-block successfully parsed as a “CERTIFICATE”
  • privateKey: non-nil if the first pem contained a pkcs8 “PRIVATE KEY”
  • publicKey: non-nil if the first pem contained a pkix encoded “PUBLIC KEY”
  • can do rsa, ecdsa, ed25519 keys and x.509 certificates
  • reads the first pem-block present
  • errors:
      — no pem-block found
      — pem parsing failed
      — a different pem block type was encountered
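The first-block behaviour listed above, reproduced with the Go standard library as an added example; it is not parlca's code, parseFirstPEM and sampleKeyPEM are hypothetical names, and the key is constructed sample input. It makes two consequences visible: later blocks in a bundle are ignored, and legacy block types such as "RSA PRIVATE KEY" are rejected rather than parsed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"errors"
	"fmt"
)

// parseFirstPEM is a hypothetical stdlib stand-in for the behaviour listed above,
// not parlca's code: it decodes only the first block and dispatches on its type.
func parseFirstPEM(pemData []byte) (kind string, value any, err error) {
	block, _ := pem.Decode(pemData) // any later blocks are ignored
	if block == nil {
		return "", nil, errors.New("no pem-block found")
	}
	switch block.Type {
	case "CERTIFICATE":
		value, err = x509.ParseCertificate(block.Bytes)
	case "PRIVATE KEY": // PKCS #8: rsa, ecdsa or ed25519
		value, err = x509.ParsePKCS8PrivateKey(block.Bytes)
	case "PUBLIC KEY": // PKIX
		value, err = x509.ParsePKIXPublicKey(block.Bytes)
	default: // e.g. legacy "RSA PRIVATE KEY" (PKCS #1) or "EC PRIVATE KEY"
		return "", nil, fmt.Errorf("unexpected pem block type %q", block.Type)
	}
	if err != nil {
		return "", nil, fmt.Errorf("pem parsing failed: %w", err)
	}
	return block.Type, value, nil
}

// sampleKeyPEM returns constructed sample input: a fresh Ed25519 key as PKCS #8.
func sampleKeyPEM() ([]byte, error) {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	der, err := x509.MarshalPKCS8PrivateKey(priv)
	return pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: der}), err
}

func main() {
	data, _ := sampleKeyPEM()
	kind, _, err := parseFirstPEM(data)
	fmt.Println(kind, err)
}
```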

func ParsePkcs8 added in v0.4.27

func ParsePkcs8(privateKeyDer parl.PrivateKeyDer) (privateKey parl.PrivateKey, err error)

ParsePkcs8 parses an unencrypted private key in PKCS #8, ASN.1 binary DER form

func ParsePkix added in v0.4.27

func ParsePkix(publicKeyDer parl.PublicKeyDer) (publicKey parl.PublicKey, err error)

ParsePkix parses a public key in PKIX, ASN.1 binary DER form

func PemText added in v0.4.26

func PemText(data ...[]byte) (pemText string)

PemText returns lead-in text for pem format block

  • data is 1 or 2 copies of binary der data
      — 1: only sha256 fingerprint
      — 2: sha256 and sha1 fingerprints

func ReadFile added in v0.4.27

func ReadFile(filename string, allowNotFound bool) (byts []byte, err error)

Types

type Certificate

type Certificate struct {
	// contains filtered or unexported fields
}

Certificate wraps a der format x509 certificate.

func (*Certificate) DER

func (c *Certificate) DER() (certificateDer parl.CertificateDer)

DER returns the binary der asn.1 format of the certificate

func (*Certificate) PEM added in v0.4.26

func (c *Certificate) PEM() (pemBytes parl.PemBytes)

PEM returns a file-writable and human-readable pem block

  • “==… CERTIFICATE…”

func (*Certificate) ParseCertificate added in v0.4.26

func (c *Certificate) ParseCertificate() (certificate *x509.Certificate, err error)

ParseCertificate returns expanded x509.Certificate format

  • allows certificate to be used as parent argument to x509.CreateCertificate
  • provides access to certificate datapoints

type EcdsaPrivateKey added in v0.4.26

type EcdsaPrivateKey struct {
	ecdsa.PrivateKey
}

func (*EcdsaPrivateKey) Algo added in v0.4.26

func (key *EcdsaPrivateKey) Algo() (algo x509.PublicKeyAlgorithm)

func (*EcdsaPrivateKey) DER added in v0.4.26

func (key *EcdsaPrivateKey) DER() (bytes parl.PrivateKeyDer, err error)

func (*EcdsaPrivateKey) DERe added in v0.4.26

func (key *EcdsaPrivateKey) DERe() (privateKeyDer parl.PrivateKeyDer)

func (*EcdsaPrivateKey) PEM added in v0.4.26

func (key *EcdsaPrivateKey) PEM() (pemBytes parl.PemBytes, err error)

func (*EcdsaPrivateKey) PEMe added in v0.4.26

func (key *EcdsaPrivateKey) PEMe() (pemBytes parl.PemBytes)

func (*EcdsaPrivateKey) PublicKey added in v0.4.26

func (key *EcdsaPrivateKey) PublicKey() (publicKey parl.PublicKey)

func (*EcdsaPrivateKey) Validate added in v0.4.26

func (key *EcdsaPrivateKey) Validate() (err error)

type EcdsaPublicKey added in v0.4.26

type EcdsaPublicKey struct {
	ecdsa.PublicKey
}

func (*EcdsaPublicKey) Algo added in v0.4.26

func (key *EcdsaPublicKey) Algo() (algo x509.PublicKeyAlgorithm)

func (*EcdsaPublicKey) DER added in v0.4.26

func (key *EcdsaPublicKey) DER() (publicKeyDer parl.PublicKeyDer, err error)

func (*EcdsaPublicKey) DERe added in v0.4.26

func (key *EcdsaPublicKey) DERe() (publicKeyDer parl.PublicKeyDer)

func (*EcdsaPublicKey) PEM added in v0.4.26

func (key *EcdsaPublicKey) PEM() (pemBytes parl.PemBytes, err error)

func (*EcdsaPublicKey) PEMe added in v0.4.26

func (key *EcdsaPublicKey) PEMe() (pemBytes parl.PemBytes)

type Ed25519PrivateKey added in v0.4.26

type Ed25519PrivateKey struct {
	// func (ed25519.PrivateKey).Equal(x crypto.PrivateKey) bool
	// func (ed25519.PrivateKey).Public() crypto.PublicKey
	// func (ed25519.PrivateKey).Seed() []byte
	// func (ed25519.PrivateKey).Sign(rand io.Reader, message []byte, opts crypto.SignerOpts) (signature []byte, err error)
	// implements crypto.Signer: Public, Sign
	ed25519.PrivateKey // type: []byte
}

Ed25519 implements parl.KeyPair for the x509.Ed25519 algorithm.

func (*Ed25519PrivateKey) Algo added in v0.4.26

func (key *Ed25519PrivateKey) Algo() (algo x509.PublicKeyAlgorithm)

func (*Ed25519PrivateKey) DER added in v0.4.26

func (key *Ed25519PrivateKey) DER() (privateKeyDer parl.PrivateKeyDer, err error)

func (*Ed25519PrivateKey) DERe added in v0.4.26

func (key *Ed25519PrivateKey) DERe() (privateKeyDer parl.PrivateKeyDer)

func (*Ed25519PrivateKey) PEM added in v0.4.26

func (key *Ed25519PrivateKey) PEM() (pemBytes parl.PemBytes, err error)

func (*Ed25519PrivateKey) PEMe added in v0.4.26

func (key *Ed25519PrivateKey) PEMe() (pemBytes parl.PemBytes)

func (*Ed25519PrivateKey) PublicKey added in v0.4.26

func (key *Ed25519PrivateKey) PublicKey() (publicKey parl.PublicKey)

func (*Ed25519PrivateKey) Validate added in v0.4.26

func (key *Ed25519PrivateKey) Validate() (err error)

type Ed25519PublicKey added in v0.4.26

type Ed25519PublicKey struct {
	ed25519.PublicKey // Equal()
}

func (*Ed25519PublicKey) Algo added in v0.4.26

func (key *Ed25519PublicKey) Algo() (algo x509.PublicKeyAlgorithm)

func (*Ed25519PublicKey) DER added in v0.4.26

func (key *Ed25519PublicKey) DER() (publicKeyDer parl.PublicKeyDer, err error)

func (*Ed25519PublicKey) DERe added in v0.4.26

func (key *Ed25519PublicKey) DERe() (publicKeyDer parl.PublicKeyDer)

func (*Ed25519PublicKey) PEM added in v0.4.26

func (key *Ed25519PublicKey) PEM() (pemBytes parl.PemBytes, err error)

func (*Ed25519PublicKey) PEMe added in v0.4.26

func (key *Ed25519PublicKey) PEMe() (pemBytes parl.PemBytes)

type RsaPrivateKey added in v0.4.26

type RsaPrivateKey struct {
	// Decrypt(rand io.Reader, ciphertext []byte, opts crypto.DecrypterOpts) (plaintext []byte, err error)
	// Equal(x crypto.PrivateKey) bool
	// Precompute()
	// Public() crypto.PublicKey
	// Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)
	// Size() int
	// Validate() error
	rsa.PrivateKey
}

func (*RsaPrivateKey) Algo added in v0.4.26

func (key *RsaPrivateKey) Algo() (algo x509.PublicKeyAlgorithm)

func (*RsaPrivateKey) DER added in v0.4.26

func (key *RsaPrivateKey) DER() (bytes parl.PrivateKeyDer, err error)

func (*RsaPrivateKey) DERe added in v0.4.26

func (key *RsaPrivateKey) DERe() (privateKeyDer parl.PrivateKeyDer)

func (*RsaPrivateKey) PEM added in v0.4.26

func (key *RsaPrivateKey) PEM() (pemBytes parl.PemBytes, err error)

func (*RsaPrivateKey) PEMe added in v0.4.26

func (key *RsaPrivateKey) PEMe() (pemBytes parl.PemBytes)

func (*RsaPrivateKey) PublicKey added in v0.4.26

func (key *RsaPrivateKey) PublicKey() (publicKey parl.PublicKey)

func (*RsaPrivateKey) Validate added in v0.4.26

func (key *RsaPrivateKey) Validate() (err error)

type RsaPublicKey added in v0.4.26

type RsaPublicKey struct {
	rsa.PublicKey
}

func (*RsaPublicKey) Algo added in v0.4.26

func (key *RsaPublicKey) Algo() (algo x509.PublicKeyAlgorithm)

func (*RsaPublicKey) DER added in v0.4.26

func (key *RsaPublicKey) DER() (publicKeyDer parl.PublicKeyDer, err error)

func (*RsaPublicKey) DERe added in v0.4.26

func (key *RsaPublicKey) DERe() (publicKeyDer parl.PublicKeyDer)

func (*RsaPublicKey) PEM added in v0.4.26

func (key *RsaPublicKey) PEM() (pemBytes parl.PemBytes, err error)

func (*RsaPublicKey) PEMe added in v0.4.26

func (key *RsaPublicKey) PEMe() (pemBytes parl.PemBytes)

type SelfSigned

type SelfSigned struct {
	parl.Certificate // DER() PEM()
	PrivateKey       parl.PrivateKey
}

func (*SelfSigned) Check

func (ca *SelfSigned) Check() (cert *x509.Certificate, err error)

func (*SelfSigned) Private added in v0.4.27

func (ca *SelfSigned) Private() (privateKey parl.PrivateKey)

func (*SelfSigned) Sign

func (ca *SelfSigned) Sign(template *x509.Certificate, publicKey crypto.PublicKey) (certDER parl.CertificateDer, err error)
