signutils

package

v0.12.0 Latest Latest Go to latest Published: Jul 19, 2024 License: Apache-2.0 Imports: 25 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/open-component-model/ocm

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func CertificateBytesToPem(derBytes []byte) []byte
func CertificateChainToPem(certs []*x509.Certificate) []byte
func CertificateToPem(c *x509.Certificate) []byte
func CommonName(n string) *pkix.Name
func CreateCertificate(spec *Specification) (*x509.Certificate, []byte, error)
func DNAsString(dn pkix.Name) string
func ExtKeyUsages(usages []x509.ExtKeyUsage) []string
func GetCertPool(in GenericCertificatePool, filter bool) (*x509.CertPool, error)
func GetCertificate(in GenericCertificate, filter bool) (*x509.Certificate, *x509.CertPool, error)
func GetCertificateChain(in GenericCertificateChain, filter bool) ([]*x509.Certificate, error)
func GetPrivateKey(key GenericPrivateKey) (interface{}, error)
func GetPublicKey(key GenericPublicKey) (interface{}, error)
func GetSignatureFromPem(pemData []byte) ([]byte, string, []*x509.Certificate, error)
func GetTime(in interface{}) (time.Time, error)
func IsSelfSigned(cert *x509.Certificate) bool
func KeyUsages(usages x509.KeyUsage) []string
func MatchDN(n pkix.Name, p pkix.Name) error
func NormalizeDN(dn pkix.Name) string
func ParseCertificate(data []byte) (*x509.Certificate, error)
func ParseCertificateChain(data []byte, filter bool) ([]*x509.Certificate, error)
func ParseDN(dn string) (*pkix.Name, error)
func ParsePrivateKey(data []byte) (interface{}, error)
func ParsePublicKey(data []byte) (interface{}, error)
func PemBlockForCertificate(cert interface{}) *pem.Block
func PemBlockForPrivateKey(priv interface{}) *pem.Block
func PemBlockForPublicKey(priv interface{}, gen ...bool) *pem.Block
func RootPoolFromFile(pemfile string, useOS bool, fss ...vfs.FileSystem) (*x509.CertPool, error)
func SignatureBytesToPem(algo string, data []byte, certs ...*x509.Certificate) []byte
func SystemCertPool() (*x509.CertPool, error)
func VerifyCertificate(cert *x509.Certificate, intermediates GenericCertificateChain, ...) error
type GenericCertificate
type GenericCertificateChain
type GenericCertificatePool
- func AddCertificateToPool(in GenericCertificatePool, chain ...GenericCertificateChain) (GenericCertificatePool, error)
type GenericPrivateKey
type GenericPublicKey
type KeyUsage
- func GetKeyUsage(opt interface{}) KeyUsage
- func ParseKeyUsage(name string) KeyUsage
type PublicKeySource
type Specification
type Usages

Constants ¶

View Source

const (
	KIND_HASH_ALGORITHM   = "hash algorithm"
	KIND_SIGN_ALGORITHM   = "signing algorithm"
	KIND_NORM_ALGORITHM   = "normalization algorithm"
	KIND_VERIFY_ALGORITHM = "signature verification algorithm"
	KIND_PUBLIC_KEY       = "public key"
	KIND_PRIVATE_KEY      = "private key"
	KIND_CERTIFICATE      = "certificate"
	KIND_CERTPOOL         = "certificate pool"
	KIND_SIGNATURE        = "signature"
	KIND_DIGEST           = "digest"
)

View Source

const CertificatePEMBlockType = "CERTIFICATE"

CertificatePEMBlockType defines the type of a certificate pem block.

View Source

const MediaTypePEM = "application/x-pem-file"

MediaTypePEM defines the media type for PEM formatted signature data.

View Source

const SignaturePEMBlockAlgorithmHeader = "Signature Algorithm"

SignaturePEMBlockAlgorithmHeader defines the header in a signature pem block where the signature algorithm is defined.

View Source

const SignaturePEMBlockType = "SIGNATURE"

SignaturePEMBlockType defines the type of a signature pem block.

Variables ¶

This section is empty.

Functions ¶

func CertificateBytesToPem ¶

func CertificateBytesToPem(derBytes []byte) []byte

func CertificateChainToPem ¶

func CertificateChainToPem(certs []*x509.Certificate) []byte

func CertificateToPem ¶

func CertificateToPem(c *x509.Certificate) []byte

func CommonName ¶

func CommonName(n string) *pkix.Name

func CreateCertificate ¶

func CreateCertificate(spec *Specification) (*x509.Certificate, []byte, error)

CreateCertificate creates a certificate and additionally returns a PEM encoded representation.

func DNAsString ¶

func DNAsString(dn pkix.Name) string

func ExtKeyUsages ¶

func ExtKeyUsages(usages []x509.ExtKeyUsage) []string

func GetCertPool ¶

func GetCertPool(in GenericCertificatePool, filter bool) (*x509.CertPool, error)

func GetCertificate ¶

func GetCertificate(in GenericCertificate, filter bool) (*x509.Certificate, *x509.CertPool, error)

func GetCertificateChain ¶

func GetCertificateChain(in GenericCertificateChain, filter bool) ([]*x509.Certificate, error)

func GetPrivateKey ¶

func GetPrivateKey(key GenericPrivateKey) (interface{}, error)

func GetPublicKey ¶

func GetPublicKey(key GenericPublicKey) (interface{}, error)

func GetSignatureFromPem ¶

func GetSignatureFromPem(pemData []byte) ([]byte, string, []*x509.Certificate, error)

GetSignatureFromPem returns a signature and certificated contained in a PEM block list.

func GetTime ¶

func GetTime(in interface{}) (time.Time, error)

func IsSelfSigned ¶

func IsSelfSigned(cert *x509.Certificate) bool

func KeyUsages ¶

func KeyUsages(usages x509.KeyUsage) []string

func MatchDN ¶

func MatchDN(n pkix.Name, p pkix.Name) error

func NormalizeDN ¶

func NormalizeDN(dn pkix.Name) string

func ParseCertificate ¶

func ParseCertificate(data []byte) (*x509.Certificate, error)

func ParseCertificateChain ¶

func ParseCertificateChain(data []byte, filter bool) ([]*x509.Certificate, error)

func ParseDN ¶

func ParseDN(dn string) (*pkix.Name, error)

func ParsePrivateKey ¶

func ParsePrivateKey(data []byte) (interface{}, error)

func ParsePublicKey ¶

func ParsePublicKey(data []byte) (interface{}, error)

func PemBlockForCertificate ¶ added in v0.7.0

func PemBlockForCertificate(cert interface{}) *pem.Block

func PemBlockForPrivateKey ¶

func PemBlockForPrivateKey(priv interface{}) *pem.Block

func PemBlockForPublicKey ¶

func PemBlockForPublicKey(priv interface{}, gen ...bool) *pem.Block

func RootPoolFromFile ¶

func RootPoolFromFile(pemfile string, useOS bool, fss ...vfs.FileSystem) (*x509.CertPool, error)

func SignatureBytesToPem ¶

func SignatureBytesToPem(algo string, data []byte, certs ...*x509.Certificate) []byte

func SystemCertPool ¶

func SystemCertPool() (*x509.CertPool, error)

func VerifyCertificate ¶

func VerifyCertificate(cert *x509.Certificate, intermediates GenericCertificateChain, rootCerts GenericCertificatePool, name *pkix.Name, ts ...*time.Time) error

Types ¶

type GenericCertificate ¶

type GenericCertificate interface{}

GenericCertificate can be everything mappable by GetCertificate to an appropriate x509.Certificate.

type GenericCertificateChain ¶

type GenericCertificateChain interface{}

GenericCertificateChain can be everything mappable by GetCertificateChain to an appropriate list of x509.Certificates. GenericCertificateChain is always a GenericCertificatePool.

type GenericCertificatePool ¶

type GenericCertificatePool interface{}

GenericCertificatePool can be everything mappable by GetCertPool to an appropriate x509.CertPool.

func AddCertificateToPool ¶ added in v0.7.0

func AddCertificateToPool(in GenericCertificatePool, chain ...GenericCertificateChain) (GenericCertificatePool, error)

type GenericPrivateKey ¶

type GenericPrivateKey interface{}

GenericPrivateKey can be everything somebody can map to an appropriate PrivateKey.

type GenericPublicKey ¶

type GenericPublicKey interface{}

GenericPublicKey can be everything somebody can map to an appropriate PublicKey.

type KeyUsage ¶

type KeyUsage interface {
	String() string
	AddTo(*x509.Certificate)
}

func GetKeyUsage ¶

func GetKeyUsage(opt interface{}) KeyUsage

func ParseKeyUsage ¶

func ParseKeyUsage(name string) KeyUsage

type PublicKeySource ¶

type PublicKeySource interface {
	Public() crypto.PublicKey
}

type Specification ¶

type Specification struct {
	// RootCAs is used to verify a certificate chain.
	// Self-signed CAs must be added here to be accepted as part
	// of a chain.
	RootCAs GenericCertificatePool

	// IsCA requests a certificate for a CA.
	IsCA bool

	PublicKey GenericPublicKey

	// CAPrivateKey is the private key used for signing.
	// It must be the key for the first certificate in the chain
	// (if given).
	CAPrivateKey GenericPrivateKey
	CAChain      GenericCertificateChain

	// SkipVerify can be set to true to skip the verification
	// of the given certificate chain.
	SkipVerify bool

	Subject   pkix.Name
	Usages    Usages
	Validity  time.Duration
	NotBefore *time.Time

	Hosts []string
}

Specification specified the context for the certificate creation.

type Usages ¶

type Usages []interface{}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL