pubkey

package

v0.1.9 Latest Latest Go to latest Published: Jun 7, 2022 License: Apache-2.0, MIT Imports: 14 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kloeckner-i/db-auth-gateway

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func EncodePublicKey(pubKey *rsa.PublicKey) (string, error)
func Fingerprint(cert *x509.Certificate) string
func NewServerCertificateValidator(rootCAs *x509.CertPool, instance string) func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error
func ParseCertificate(certPEM string) (*x509.Certificate, error)
type Authority
- func NewAuthority(subject pkix.Name, ttl time.Duration) (*Authority, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// ErrCommonNameMismatch is returned when the server certificate common name does not match our database.
	ErrCommonNameMismatch = errors.New("certificate common name did not match")
	// ErrInvalidPEM is returned when a malformed certificate is provided.
	ErrInvalidPEM = errors.New("invalid pem")
	// ErrNoCertificate is returned when the server does not supply a valid certificate chain.
	ErrNoCertificate = errors.New("no certificate to verify")
)

Functions ¶

func EncodePublicKey ¶

func EncodePublicKey(pubKey *rsa.PublicKey) (string, error)

EncodePublicKey encodes an RSA public key into its PEM representation.

func Fingerprint ¶

func Fingerprint(cert *x509.Certificate) string

Fingerprint returns the encoded fingerprint for the given certificate.

func NewServerCertificateValidator ¶

func NewServerCertificateValidator(rootCAs *x509.CertPool, instance string) func(
	rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error

NewServerCertificateValidator creates a new custom server certificate validator from the given certificate authority, and instance details.

func ParseCertificate ¶

func ParseCertificate(certPEM string) (*x509.Certificate, error)

ParseCertificate decodes a PEM encoded certificate.

Types ¶

type Authority ¶

type Authority struct {
	// contains filtered or unexported fields
}

Authority is a local certificate authority used by the mock service that is part of the db-auth-gateway tests.

func NewAuthority ¶

func NewAuthority(subject pkix.Name, ttl time.Duration) (*Authority, error)

NewAuthority constructs a new self signed certificate authority.

func (*Authority) CertPEM ¶

func (a *Authority) CertPEM() string

CertPEM returns the PEM encoded certificate authority certificate.

func (*Authority) IsRevoked ¶

func (a *Authority) IsRevoked(cert *x509.Certificate) bool

IsRevoked is used to check if a client certificate has been revoked.

func (*Authority) RevokeAll ¶

func (a *Authority) RevokeAll()

RevokeAll revokes all currently issued client certificates.

func (*Authority) Sign ¶

func (a *Authority) Sign(pubKeyPEM string, subject pkix.Name, ttl time.Duration) (string, error)

Sign creates a signed certificate from the supplied public key.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL