Documentation ¶
Index ¶
- Variables
- func CATemplate(commonName, orgUnit, serialNumber, countryCode string, algo string) (*x509.Certificate, error)
- func CertDERToPEM(certDER []byte) (certPEM []byte, err error)
- func CertDERToPEMFile(certDER []byte, filename string) error
- func CertToPEM(cert *x509.Certificate) ([]byte, error)
- func CertToPEMFile(cert *x509.Certificate, filename string) error
- func CustomCATemplate(commonName, orgUnit, serialNumber, countryCode, algo string, ...) (*x509.Certificate, error)
- func CustomECLeafCert(commonName, orgUnit, serialNumber, countryCode, curve string, validity int, ...) (*x509.Certificate, *ecdsa.PrivateKey, error)
- func CustomECRootCA(commonName, orgUnit, serialNumber, countryCode, curve string, ...) (*x509.Certificate, *ecdsa.PrivateKey, error)
- func CustomLeafTemplate(commonName, orgUnit, serialNumber, countryCode, algo string, validity int, ...) (*x509.Certificate, error)
- func CustomRSALeafCert(commonName, orgUnit, serialNumber, countryCode string, validity, keySize int, ...) (*x509.Certificate, *rsa.PrivateKey, error)
- func CustomRSARootCA(commonName, orgUnit, serialNumber, countryCode string, ...) (*x509.Certificate, *rsa.PrivateKey, error)
- func ECKeys(curve string) (*ecdsa.PrivateKey, error)
- func ECLeafCert(commonName, orgUnit, serialNumber, countryCode, curve string, ...) (*x509.Certificate, *ecdsa.PrivateKey, error)
- func ECRootCA(commonName, orgUnit, serialNumber, countryCode string, curve string) (*x509.Certificate, *ecdsa.PrivateKey, error)
- func KeyToPEM(privKey interface{}) (keyPEM []byte, err error)
- func KeyToPEMFile(privKey interface{}, filename string) error
- func LeafTemplate(commonName, orgUnit, serialNumber, countryCode string, algo string) (*x509.Certificate, error)
- func RSALeafCert(commonName, orgUnit, serialNumber, countryCode string, keySize int, ...) (*x509.Certificate, *rsa.PrivateKey, error)
- func RSARootCA(commonName, orgUnit, serialNumber, countryCode string, keySize int) (*x509.Certificate, *rsa.PrivateKey, error)
Constants ¶
This section is empty.
Variables ¶
var ( // Certificates are valid for a year. CertValidityConstant = 1 // Leaf certificate key usage. LeafKeyUsageConstant = x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment // Default max path length is 0. MaxPathLenConstant = 0 // CA key usage. CAKeyUsageConstant = x509.KeyUsageCertSign )
Functions ¶
func CATemplate ¶
func CATemplate(commonName, orgUnit, serialNumber, countryCode string, algo string) (*x509.Certificate, error)
CATemplate returns an x509.Certificate template for a root CA. algo can be "RSA" or "EC" (case-insensitive). Default values:
validity = CertValidity in constants.go. 1 year. maxPathLen = 0 - can only sign leaf certificates. keyUsage = x509.KeyUsageCertSign - CAKeyUsageConstant
func CertDERToPEM ¶
CertDERToPEM converts a DER certificate to PEM.
func CertDERToPEMFile ¶
CertDERToPEMFile converts a DER certificate to PEM and stores it in a file.
func CertToPEM ¶
func CertToPEM(cert *x509.Certificate) ([]byte, error)
CertToPEM converts cert *x509.Certificate to PEM.
func CertToPEMFile ¶
func CertToPEMFile(cert *x509.Certificate, filename string) error
CertToPEMFile converts cert *x509.Certificate to PEM and stores it in a file.
func CustomCATemplate ¶
func CustomCATemplate(commonName, orgUnit, serialNumber, countryCode, algo string, validity, maxPathLen int, keyUsage x509.KeyUsage) (*x509.Certificate, error)
CustomCATemplate returns an x509.Certificate template for a root CA.
algo must be "RSA" or "EC" (case-insensitive). validity is in years. For example, 1. if maxPathLen is zero, the certificate can only sign leaf certificates and MaxPathLenZero is also set to true. keyUsage is a mix of https://golang.org/pkg/crypto/x509/#KeyUsage. For example, x509.KeyUsageCertSign | x509.KeyUsageCRLSign. For more customization, manually create a https://golang.org/pkg/crypto/x509/#Certificate.
func CustomECLeafCert ¶
func CustomECLeafCert(commonName, orgUnit, serialNumber, countryCode, curve string, validity int, caCert *x509.Certificate, caPrivKey interface{}) (*x509.Certificate, *ecdsa.PrivateKey, error)
CustomECLeafCert returns a custom leaf certificate with an EC key. Certificate signed by caCert with caPrivKey.
func CustomECRootCA ¶
func CustomECRootCA(commonName, orgUnit, serialNumber, countryCode, curve string, validity, maxPathLen int, keyUsage x509.KeyUsage) (*x509.Certificate, *ecdsa.PrivateKey, error)
CustomECRootCA returns a custom self-signed x509 root CA with an EC key.
func CustomLeafTemplate ¶
func CustomLeafTemplate(commonName, orgUnit, serialNumber, countryCode, algo string, validity int, keyUsage x509.KeyUsage) (*x509.Certificate, error)
CustomLeafTemplate returns a custom x509.Certificate template for a leaf certificate.
func CustomRSALeafCert ¶
func CustomRSALeafCert(commonName, orgUnit, serialNumber, countryCode string, validity, keySize int, caCert *x509.Certificate, caPrivKey interface{}) (*x509.Certificate, *rsa.PrivateKey, error)
CustomRSALeafCert returns a certificate signed by caCert. The certificate uses an RSA key. caCert can have any type of key.
func CustomRSARootCA ¶
func CustomRSARootCA(commonName, orgUnit, serialNumber, countryCode string, keySize, validity, maxPathLen int, keyUsage x509.KeyUsage) (*x509.Certificate, *rsa.PrivateKey, error)
CustomRSARootCA returns a custom self-signed x509 CA with an RSA key.
func ECKeys ¶
func ECKeys(curve string) (*ecdsa.PrivateKey, error)
ECKeys returns an EC key pair with a specified curve. Valid curves are P224, P256, P384 and P521 (case-insensitive). If curve is invalid or empty, P224 is used. Go's supported curves: https://golang.org/pkg/crypto/elliptic/#Curve
func ECLeafCert ¶
func ECLeafCert(commonName, orgUnit, serialNumber, countryCode, curve string, caCert *x509.Certificate, caPrivKey interface{}) (*x509.Certificate, *ecdsa.PrivateKey, error)
ECLeafCert returns a leaf certificate with an EC key.
func ECRootCA ¶
func ECRootCA(commonName, orgUnit, serialNumber, countryCode string, curve string) (*x509.Certificate, *ecdsa.PrivateKey, error)
ECRootCA returns a self-signed x509 root CA with an EC key.
func KeyToPEMFile ¶
KeyToPEMFile converts a private key to PEM and stores it in a file.
func LeafTemplate ¶
func LeafTemplate(commonName, orgUnit, serialNumber, countryCode string, algo string) (*x509.Certificate, error)
LeafTemplate returns an x509.Certificate template for a leaf certificate.
func RSALeafCert ¶
func RSALeafCert(commonName, orgUnit, serialNumber, countryCode string, keySize int, caCert *x509.Certificate, caPrivKey interface{}) (*x509.Certificate, *rsa.PrivateKey, error)
RSALeafCert returns a lead certificate signed by caCert.
func RSARootCA ¶
func RSARootCA(commonName, orgUnit, serialNumber, countryCode string, keySize int) (*x509.Certificate, *rsa.PrivateKey, error)
RSARootCA returns a self-signed x509 root CA with an RSA key.
Types ¶
This section is empty.