Documentation ¶
Index ¶
- Constants
- Variables
- func BuildSelfSignedCertChain(identifier string, permanentIdentifierValue string) (chain []*x509.Certificate, chainPems *cert.Chain, rootCert *x509.Certificate, ...)
- func CertTemplate(serialNumber *big.Int, organization string) (*x509.Certificate, error)
- func CreateCert(template, parent *x509.Certificate, pub interface{}, parentPriv interface{}) (cert *x509.Certificate, certPEM []byte, err error)
- func DebugUnmarshall(data []byte, depth int) error
- func EncodeCertificates(certs ...*x509.Certificate) ([]byte, error)
- func EncodeRSAPrivateKey(key *rsa.PrivateKey) ([]byte, error)
- func FindOtherNameValue(value []*OtherNameValue, policyType PolicyType, sanTypeName SanTypeName) (string, error)
- func FixChainHeaders(chain *cert.Chain) (*cert.Chain, error)
- func IsRootCa(signingCert *x509.Certificate) bool
- func ParseCertificates(derChain [][]byte) ([]*x509.Certificate, error)
- func ParsePrivateKey(der []byte) (*rsa.PrivateKey, error)
- func ParseUraFromOtherNameValue(stringValue string) (uzi string, ura string, agb string, err error)
- func SigningCertTemplate(serialNumber *big.Int, identifier string, permanentIdentifierValue string) (*x509.Certificate, error)
- type GenericNameValue
- type OtherName
- type OtherNameValue
- type PolicyType
- type SanType
- type SanTypeName
- type StingAndOid
- type SubjectTypeName
- type SubjectValue
Constants ¶
// Block type strings declared by this package.
// NOTE(review): by their names these are the Type values of PEM blocks; confirm against the encode functions.
const (
	// CertificateBlockType is the string "CERTIFICATE", the standard PEM label for an X.509 certificate.
	CertificateBlockType = "CERTIFICATE"
	// RSAPrivKeyBlockType is the string "PRIVATE KEY". Despite the RSA in the name, this is the
	// PEM label of an unencrypted PKCS#8 key; a PKCS#1 RSA key is labelled "RSA PRIVATE KEY".
	RSAPrivKeyBlockType = "PRIVATE KEY"
)
Variables ¶
// ASN.1 object identifiers declared by this package.
var (
	// SubjectAlternativeNameType is 2.5.29.17, the subjectAltName certificate extension.
	SubjectAlternativeNameType = asn1.ObjectIdentifier{2, 5, 29, 17}
	// PermanentIdentifierType is 1.3.6.1.5.5.7.8.3, the permanentIdentifier otherName form (RFC 4043).
	PermanentIdentifierType = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 8, 3}
	// OtherNameType is 2.5.5.5.
	// NOTE(review): presumably the otherName type-id this package looks for in a SAN — confirm against callers.
	OtherNameType = asn1.ObjectIdentifier{2, 5, 5, 5}
	// UraAssigner is 2.16.528.1.1007.3.3.
	// NOTE(review): by its name, the assigner OID expected on a permanentIdentifier carrying a URA — confirm.
	UraAssigner = asn1.ObjectIdentifier{2, 16, 528, 1, 1007, 3, 3}
)
SubjectAlternativeNameType represents the ASN.1 Object Identifier for Subject Alternative Name.
var RegexOtherNameValue = regexp.MustCompile(`^[0-9.]+-\d+-(\d+)-S-(\d+)-00\.000-(\d+)$`)
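RegexOtherNameValue matches the OtherName field: <versie-nr>-<UZI-nr>-<pastype>-<Abonnee-nr>-<rol>-<AGB-code>, e.g.: 1-123456789-S-88888801-00.000-12345678. Note that the compiled pattern shown above is anchored with ^ and $ and expects one more leading field than this description lists: a dotted-numeric prefix ([0-9.]+) followed by two numeric fields before the literal S, so the example as written does not match it. The pattern accepts only the literal pastype S and rol 00.000, and it captures three numeric groups: the field before S, the field after S, and the final field. A second form of the pattern also appears in this comment; it is unanchored, so it would match anywhere inside a longer string, and the dot after 1007 is not escaped: var RegexOtherNameValue = regexp.MustCompile(`2\.16\.528\.1\.1007.\d+\.\d+-\d+-\d+-S-(\d+)-00\.000-\d+`)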
Functions ¶
func BuildSelfSignedCertChain ¶
func BuildSelfSignedCertChain(identifier string, permanentIdentifierValue string) (chain []*x509.Certificate, chainPems *cert.Chain, rootCert *x509.Certificate, signingKey *rsa.PrivateKey, signingCert *x509.Certificate, err error)
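BuildSelfSignedCertChain generates a certificate chain, including root, intermediate, and signing certificates. Because the chain is self-signed, a verifier will trust it only if the returned rootCert is explicitly added to its trust store. The signing private key is returned to the caller alongside the certificates.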
func CertTemplate ¶
CertTemplate generates a template for an x509 certificate with a given serial number. If no serial number is provided, a random one is generated. The certificate is valid for one month and uses SHA256 with RSA for the signature algorithm.
func CreateCert ¶
func CreateCert(template, parent *x509.Certificate, pub interface{}, parentPriv interface{}) (cert *x509.Certificate, certPEM []byte, err error)
CreateCert generates a new x509 certificate using the provided template and parent certificates, public and private keys. It returns the generated certificate, its PEM-encoded version, and any error encountered during the process.
func DebugUnmarshall ¶
DebugUnmarshall recursively unmarshalls ASN.1 encoded data and prints the structure with parsed values. Keep this method for debug purposes in the future.
func EncodeCertificates ¶
func EncodeCertificates(certs ...*x509.Certificate) ([]byte, error)
func EncodeRSAPrivateKey ¶
func EncodeRSAPrivateKey(key *rsa.PrivateKey) ([]byte, error)
func FindOtherNameValue ¶
func FindOtherNameValue(value []*OtherNameValue, policyType PolicyType, sanTypeName SanTypeName) (string, error)
func FixChainHeaders ¶
FixChainHeaders replaces newline characters in the certificate chain headers with escaped newline sequences. It processes each certificate in the provided chain and returns a new chain with the modified headers, or an error if one occurs.
func IsRootCa ¶
func IsRootCa(signingCert *x509.Certificate) bool
func ParseCertificates ¶
func ParseCertificates(derChain [][]byte) ([]*x509.Certificate, error)
ParseCertificates parses a slice of DER-encoded byte arrays into a slice of x509.Certificate. It returns an error if any of the certificates cannot be parsed.
func ParsePrivateKey ¶
func ParsePrivateKey(der []byte) (*rsa.PrivateKey, error)
ParsePrivateKey parses a DER-encoded private key into an *rsa.PrivateKey. It returns an error if the key is not in PKCS8 format or not an RSA key.
func SigningCertTemplate ¶
func SigningCertTemplate(serialNumber *big.Int, identifier string, permanentIdentifierValue string) (*x509.Certificate, error)
SigningCertTemplate creates an x509.Certificate template for a signing certificate with an optional serial number.
Types ¶
type GenericNameValue ¶
type GenericNameValue struct { PolicyType PolicyType Type string Value string }
type OtherName ¶
// OtherName holds a type identifier OID and a raw ASN.1 value; the asn1 struct tag
// marks Value as explicitly tagged with context tag 0.
// NOTE(review): this matches the shape of the otherName form of an X.509 GeneralName — confirm against the parsing code.
type OtherName struct {
	TypeID asn1.ObjectIdentifier
	Value  asn1.RawValue `asn1:"tag:0,explicit"`
}
type OtherNameValue ¶
type OtherNameValue struct { PolicyType PolicyType Type SanTypeName Value string }
func FindSanTypes ¶
func FindSanTypes(certificate *x509.Certificate) ([]*OtherNameValue, error)
func SelectSanTypes ¶
func SelectSanTypes(certificate *x509.Certificate, subjectAttributes ...SanTypeName) ([]*OtherNameValue, error)
type PolicyType ¶
type PolicyType string
const ( PolicyTypeSan PolicyType = "san" PolicyTypeSubject PolicyType = "subject" )
type SanType ¶
type SanType pkix.AttributeTypeAndValue
type SanTypeName ¶
type SanTypeName string
const ( SanTypeOtherName SanTypeName = "otherName" SanTypePermanentIdentifierValue SanTypeName = "permanentIdentifier.value" SanTypePermanentIdentifierAssigner SanTypeName = "permanentIdentifier.assigner" )
type StingAndOid ¶
type StingAndOid struct { Value string Assigner asn1.ObjectIdentifier }
type SubjectTypeName ¶
type SubjectTypeName string
const ( SubjectTypeCommonName SubjectTypeName = "CN" SubjectTypeOrganization SubjectTypeName = "O" SubjectTypeOrganizationalUnit SubjectTypeName = "OU" SubjectTypeCountry SubjectTypeName = "C" SubjectTypeLocality SubjectTypeName = "L" SubjectTypeProvince SubjectTypeName = "ST" SubjectTypeStreetAddress SubjectTypeName = "STREET" SubjectTypeSerialNumber SubjectTypeName = "serialNumber" )
type SubjectValue ¶
type SubjectValue struct { PolicyType PolicyType Type SubjectTypeName Value string }
func FindSubjectTypes ¶
func FindSubjectTypes(certificate *x509.Certificate) ([]*SubjectValue, error)
func SelectSubjectTypes ¶
func SelectSubjectTypes(certificate *x509.Certificate, subjectAttributes ...SubjectTypeName) ([]*SubjectValue, error)