Documentation ¶
Overview ¶
Package tls implements helpful wrappers for dealing with TLS certificates.
Index ¶
- func ExportPEM(cert *tls.Certificate) ([]byte, []byte, error)
- func Generate(commonName string) (*tls.Certificate, error)
- func ImportCertificatePEM(certPEM []byte) (*tls.Certificate, error)
- func ImportPEM(certPEM, keyPEM []byte) (*tls.Certificate, error)
- func Load(certPath, keyPath string) (*tls.Certificate, error)
- func LoadCertificate(certPath string) (*tls.Certificate, error)
- func LoadOrGenerate(certPath, keyPath, commonName string) (*tls.Certificate, error)
- func Save(certPath, keyPath string, cert *tls.Certificate) error
- func VerifyCertificate(rawCerts [][]byte, opts VerifyOptions) error
- type VerifyOptions
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ExportPEM ¶
func ExportPEM(cert *tls.Certificate) ([]byte, []byte, error)
ExportPEM encodes a TLS certificate and its private key as in-memory PEM blobs, which are returned to the caller rather than written to disk.
func Generate ¶
func Generate(commonName string) (*tls.Certificate, error)
Generate generates a new TLS certificate.
func ImportCertificatePEM ¶
func ImportCertificatePEM(certPEM []byte) (*tls.Certificate, error)
ImportCertificatePEM loads a TLS certificate from an in-memory PEM blob.
func ImportPEM ¶
func ImportPEM(certPEM, keyPEM []byte) (*tls.Certificate, error)
ImportPEM loads a TLS certificate and private key from in-memory PEM blobs.
func Load ¶
func Load(certPath, keyPath string) (*tls.Certificate, error)
Load loads a TLS certificate and private key.
func LoadCertificate ¶
func LoadCertificate(certPath string) (*tls.Certificate, error)
LoadCertificate loads a TLS certificate.
func LoadOrGenerate ¶
func LoadOrGenerate(certPath, keyPath, commonName string) (*tls.Certificate, error)
LoadOrGenerate loads a TLS certificate and private key or, only if they do not exist, generates a new certificate and private key.
func Save ¶
func Save(certPath, keyPath string, cert *tls.Certificate) error
Save saves a TLS certificate and private key.
func VerifyCertificate ¶
func VerifyCertificate(rawCerts [][]byte, opts VerifyOptions) error
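VerifyCertificate verifies a TLS certificate as required by Oasis Core. No certificate authorities are involved: trust is established by public key pinning (the allowed signing keys are given in VerifyOptions.Keys), and the certificate must also follow the certificate template.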
Types ¶
type VerifyOptions ¶
// VerifyOptions are the certificate verification options passed to
// VerifyCertificate.
//
// AllowUnknownKeys and AllowNoCertificate both relax verification. Their zero
// value (false) is the restrictive setting, so a zero VerifyOptions does not
// opt in to either relaxation.
type VerifyOptions struct {
	// CommonName is the expected certificate common name.
	CommonName string

	// Keys is the set of public keys that are allowed to sign the certificate.
	// This is the pin set: trust comes from membership here, not from a CA chain.
	// NOTE(review): the value type is bool, so an entry may be present with a
	// false value; whether such an entry counts as allowed is not visible
	// here. Confirm against VerifyCertificate.
	Keys map[signature.PublicKey]bool

	// AllowUnknownKeys specifies whether any key will be allowed iff Keys is nil.
	// With Keys nil and this flag set, no key pinning is applied.
	// NOTE(review): the description covers a nil map only; how a non-nil but
	// empty Keys map is treated should be confirmed in the implementation.
	AllowUnknownKeys bool

	// AllowNoCertificate specifies whether connections presenting no certificates will be allowed.
	// NOTE(review): presumably a peer accepted this way has no pinned identity
	// at the TLS layer, so callers would need another way to authenticate
	// it. Confirm at the call sites.
	AllowNoCertificate bool
}
VerifyOptions are the certificate verification options.