Documentation ¶
Index ¶
- func BuildSANExtension(identites []Identity) (*pkix.Extension, error)
- func ExtractIDs(exts []pkix.Extension) []string
- func ExtractSANExtension(exts []pkix.Extension) *pkix.Extension
- func ParsePemEncodedCSR(csrBytes []byte) (*x509.CertificateRequest, error)
- func ParsePemEncodedCertificate(certBytes []byte) (*x509.Certificate, error)
- func ParsePemEncodedKey(keyBytes []byte) (crypto.PrivateKey, error)
- type Identity
- type IdentityType
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BuildSANExtension ¶
BuildSANExtension builds a `pkix.Extension` of type "Subject Alternative Name" based on the given identities.
func ExtractIDs ¶
ExtractIDs first finds the SAN extension from the given extension set, then extract identities from the SAN extension.
func ExtractSANExtension ¶
ExtractSANExtension extracts the "Subject Alternative Name" externsion from the given PKIX extension set.
func ParsePemEncodedCSR ¶
func ParsePemEncodedCSR(csrBytes []byte) (*x509.CertificateRequest, error)
ParsePemEncodedCSR constructs a `x509.CertificateRequest` object using the given PEM-encoded certificate signing request.
func ParsePemEncodedCertificate ¶
func ParsePemEncodedCertificate(certBytes []byte) (*x509.Certificate, error)
ParsePemEncodedCertificate constructs a `x509.Certificate` object using the given a PEM-encoded certificate.
func ParsePemEncodedKey ¶
func ParsePemEncodedKey(keyBytes []byte) (crypto.PrivateKey, error)
ParsePemEncodedKey takes a PEM-encoded key and parsed the bytes into a `crypto.PrivateKey`.
Types ¶
type Identity ¶
type Identity struct { Type IdentityType Value []byte }
Identity is an object holding both the encoded identifier bytes as well as the type of the identity.
func ExtractIDsFromSAN ¶
ExtractIDsFromSAN takes a SAN extension and extracts the identities. The logic is mostly borrowed from https://github.com/golang/go/blob/master/src/crypto/x509/x509.go, with the addition of supporting extracting URIs.
type IdentityType ¶
type IdentityType int
IdentityType represents type of an identity. This is used to properly encode an identity into a SAN extension.
const ( // TypeDNS represents a DNS name. TypeDNS IdentityType = iota // TypeIP represents an IP address. TypeIP // TypeURI represents a universal resource identifier. TypeURI )