Documentation
Overview
This package parses X.509-encoded keys and certificates.
Index
- func CreateCertificate(rand io.Reader, template, parent *Certificate, priv *rsa.PrivateKey) (cert []byte, err os.Error)
- func MarshalPKCS1PrivateKey(key *rsa.PrivateKey) []byte
- func ParsePKCS1PrivateKey(der []byte) (key *rsa.PrivateKey, err os.Error)
- type Certificate
- type ConstraintViolationError
- type KeyUsage
- type Name
- type PublicKeyAlgorithm
- type SignatureAlgorithm
- type UnhandledCriticalExtension
- type UnsupportedAlgorithmError
Constants
This section is empty.
Variables
This section is empty.
Functions
func CreateCertificate
func CreateCertificate(rand io.Reader, template, parent *Certificate, priv *rsa.PrivateKey) (cert []byte, err os.Error)
CreateCertificate creates a new certificate based on a template. The following members of template are used: SerialNumber, Subject, NotBefore, NotAfter, KeyUsage, BasicConstraintsValid, IsCA, MaxPathLen, SubjectKeyId, DNSNames.
The certificate is signed by parent. If parent is equal to template then the certificate is self-signed.
The returned slice is the certificate in DER encoding.
func MarshalPKCS1PrivateKey
func MarshalPKCS1PrivateKey(key *rsa.PrivateKey) []byte
MarshalPKCS1PrivateKey converts a private key to ASN.1 DER encoded form.
func ParsePKCS1PrivateKey
func ParsePKCS1PrivateKey(der []byte) (key *rsa.PrivateKey, err os.Error)
ParsePKCS1PrivateKey returns an RSA private key from its ASN.1 PKCS#1 DER encoded form.
Types
type Certificate
type Certificate struct {
	Raw []byte // Raw ASN.1 DER contents.
	Signature []byte
	SignatureAlgorithm SignatureAlgorithm
	PublicKeyAlgorithm PublicKeyAlgorithm
	PublicKey interface{}
	Version int
	SerialNumber []byte
	Issuer Name
	Subject Name
	NotBefore, NotAfter *time.Time // Validity bounds.
	KeyUsage KeyUsage
	BasicConstraintsValid bool // if true then the next two fields are valid.
	IsCA bool
	MaxPathLen int
	SubjectKeyId []byte
	AuthorityKeyId []byte
	// Subject Alternate Name values
	DNSNames []string
	EmailAddresses []string
}
A Certificate represents an X.509 certificate.
func ParseCertificate
func ParseCertificate(asn1Data []byte) (*Certificate, os.Error)
ParseCertificate parses a single certificate from the given ASN.1 DER data.
func ParseCertificates
func ParseCertificates(asn1Data []byte) ([]*Certificate, os.Error)
ParseCertificates parses one or more certificates from the given ASN.1 DER data. The certificates must be concatenated with no intermediate padding.
func (*Certificate) CheckSignatureFrom
func (c *Certificate) CheckSignatureFrom(parent *Certificate) (err os.Error)
CheckSignatureFrom verifies that the signature on c is a valid signature from parent.
func (*Certificate) IsValidForHost
func (c *Certificate) IsValidForHost(h string) bool
IsValidForHost returns true iff c is a valid certificate for the given host.
type ConstraintViolationError
type ConstraintViolationError struct{}
ConstraintViolationError results when a requested usage is not permitted by a certificate. For example: checking a signature when the public key isn't a certificate signing key.
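The CreateCertificate, ParseCertificate and CheckSignatureFrom flow described above, including the ConstraintViolationError case, as an added example that is not part of this package's documentation. It is written against the current Go crypto/x509 API, which differs from the signatures listed on this page (CreateCertificate takes the subject's public key as an extra argument, errors are of type error, and SerialNumber is a *big.Int); the helpers issue and buildChain and all certificate names are constructed for the example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue signs tmpl for pub with signer (the parent's key) and parses the DER output.
func issue(tmpl, parent *x509.Certificate, pub *rsa.PublicKey, signer *rsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// buildChain returns a self-signed CA (parent == template) and a leaf it signed; names are constructed.
func buildChain() (ca, leaf *x509.Certificate, err error) {
	var keys [2]*rsa.PrivateKey // keys[0]: CA key, keys[1]: leaf key
	for i := range keys {
		if keys[i], err = rsa.GenerateKey(rand.Reader, 2048); err != nil {
			return nil, nil, err
		}
	}
	now := time.Now()
	caTmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Test CA"},
		NotBefore: now, NotAfter: now.Add(time.Hour), KeyUsage: x509.KeyUsageCertSign,
		BasicConstraintsValid: true, IsCA: true}
	leafTmpl := &x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "host.example.test"},
		NotBefore: now, NotAfter: now.Add(time.Hour), BasicConstraintsValid: true} // IsCA stays false
	if ca, err = issue(caTmpl, caTmpl, &keys[0].PublicKey, keys[0]); err != nil {
		return nil, nil, err
	}
	leaf, err = issue(leafTmpl, ca, &keys[1].PublicKey, keys[0])
	return ca, leaf, err
}

func main() {
	ca, leaf, err := buildChain()
	if err != nil {
		panic(err)
	}
	fmt.Println("leaf<-CA:", leaf.CheckSignatureFrom(ca), "| CA<-leaf:", ca.CheckSignatureFrom(leaf))
}
```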
func (ConstraintViolationError) String
func (ConstraintViolationError) String() string
type KeyUsage
type KeyUsage int
KeyUsage represents the set of actions that are valid for a given key. It's a bitmap of the KeyUsage* constants.
type Name
type Name struct {
	Country, Organization, OrganizationalUnit string
	CommonName, SerialNumber, Locality string
	Province, StreetAddress, PostalCode string
}
Name represents an X.509 distinguished name. This only includes the common elements of a DN. Additional elements in the name are ignored.
type PublicKeyAlgorithm
type PublicKeyAlgorithm int
const (
	UnknownPublicKeyAlgorithm PublicKeyAlgorithm = iota
	RSA
)
type SignatureAlgorithm
type SignatureAlgorithm int
const (
	UnknownSignatureAlgorithm SignatureAlgorithm = iota
	MD2WithRSA
	MD5WithRSA
	SHA1WithRSA
	SHA256WithRSA
	SHA384WithRSA
	SHA512WithRSA
)
type UnhandledCriticalExtension
type UnhandledCriticalExtension struct{}
func (UnhandledCriticalExtension) String
func (h UnhandledCriticalExtension) String() string
type UnsupportedAlgorithmError
type UnsupportedAlgorithmError struct{}
UnsupportedAlgorithmError results from attempting to perform an operation that involves algorithms that are not currently implemented.
func (UnsupportedAlgorithmError) String
func (UnsupportedAlgorithmError) String() string