Documentation
¶
Overview ¶
Package ssl contains operations related to SSL certificates.
Index ¶
- Constants
- func CanonicalName(name []byte) ([]byte, error)
- func CanonicalString(s string) string
- func CertHash(certPath string) (string, error)
- func CertRawHash(raw []byte) (string, error)
- func ParseCert(raw []byte) (*x509.Certificate, error)
- func SubjectNameHash(cert *x509.Certificate) (uint32, error)
Constants ¶
const SystemCertPath = "/etc/ssl/certs"
Variables ¶
This section is empty.
Functions ¶
func CanonicalName ¶
CanonicalName accepts a DER encoded subject name and returns a "Canonical Encoding" matching that returned by the x509_name_canon function in openssl. All string values are transformed with CanonicalString and UTF8 encoded and the leading SEQ header is removed.
see https://stackoverflow.com/questions/34095440/hash-algorithm-for-certificate-crl-directory.
func CanonicalString ¶
CanonicalString transforms the given string. All leading and trailing whitespace is trimmed where whitespace is defined as a space, formfeed, tab, newline, carriage return, or vertical tab character. Any remaining sequence of one or more consecutive whitespace characters in replaced with a single ' '.
This is a reimplementation of the asn1_string_canon in openssl
func CertRawHash ¶
CertRawHash compute cert hash from raw content
func ParseCert ¶
func ParseCert(raw []byte) (*x509.Certificate, error)
ParseCert parse cert from raw content
func SubjectNameHash ¶
func SubjectNameHash(cert *x509.Certificate) (uint32, error)
SubjectNameHash is a reimplementation of the X509_subject_name_hash in openssl. It computes the SHA-1 of the canonical encoding of the certificate's subject name and returns the 32-bit integer represented by the first four bytes of the hash using little-endian byte order.
The output should be the same as the result of the following command openssl x509 -hash -fingerprint -noout -in <file>
Types ¶
This section is empty.
Source Files