certs

Documentation

Overview

Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the Apache v2.0 license.

Index

• func DecodeCertPEM(encoded []byte) (*x509.Certificate, error)
• func DecodePrivateKeyPEM(encoded []byte) (*rsa.PrivateKey, error)
• func EncodeCertPEM(cert *x509.Certificate) []byte
• func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte
• func EncodePublicKeyBytePEM(key []byte) ([]byte, error)
• func EncodePublicKeyPEM(key *rsa.PublicKey) ([]byte, error)
• func GenerateClientCertificate(name string) (*x509.Certificate, *rsa.PrivateKey, error)
• func NewPrivateKey() (*rsa.PrivateKey, error)
• func NewSignedCert(key *rsa.PrivateKey, caCert *x509.Certificate, caKey *rsa.PrivateKey, ...) (*x509.Certificate, error)
• type AltNames
• type Config
• type KeyPair
  • func (k *KeyPair) IsValid() bool

Functions

func DecodeCertPEM

func DecodeCertPEM(encoded []byte) (*x509.Certificate, error)

DecodeCertPEM attempts to return a decoded certificate or nil if the encoded input does not contain a certificate.

func DecodePrivateKeyPEM

func DecodePrivateKeyPEM(encoded []byte) (*rsa.PrivateKey, error)

DecodePrivateKeyPEM attempts to return a decoded key or nil if the encoded input does not contain a private key.

func EncodeCertPEM

func EncodeCertPEM(cert *x509.Certificate) []byte

EncodeCertPEM returns PEM-endcoded certificate data.

func EncodePrivateKeyPEM

func EncodePrivateKeyPEM(key *rsa.PrivateKey) []byte

EncodePrivateKeyPEM returns PEM-encoded private key data.

func EncodePublicKeyBytePEM

func EncodePublicKeyBytePEM(key []byte) ([]byte, error)

EncodePublicKeyPEM returns PEM-encoded public key data.

func EncodePublicKeyPEM

func EncodePublicKeyPEM(key *rsa.PublicKey) ([]byte, error)

EncodePublicKeyPEM returns PEM-encoded public key data.

func GenerateClientCertificate

func GenerateClientCertificate(name string) (*x509.Certificate, *rsa.PrivateKey, error)

func NewPrivateKey

func NewPrivateKey() (*rsa.PrivateKey, error)

NewPrivateKey creates an RSA private key

func NewSignedCert

func NewSignedCert(key *rsa.PrivateKey, caCert *x509.Certificate, caKey *rsa.PrivateKey, conf Config) (*x509.Certificate, error)

Types

type AltNames

type AltNames struct {
	DNSNames []string
	IPs      []net.IP
}

AltNames contains the domain names and IP addresses for a cert

type Config

type Config struct {
	CommonName   string
	Organization []string
	AltNames     AltNames
	Usages       []x509.ExtKeyUsage
}

Config contains the basic fields required for creating a certificate.

type KeyPair

type KeyPair struct {
	Cert, Key []byte
}

KeyPair holds the raw bytes for a certificate and key.

func (*KeyPair) IsValid

func (k *KeyPair) IsValid() bool

IsValid returns true if both the certificate and key are non-nil.