x509util

Documentation

Overview

Package x509util includes utility code for working with X.509 certificates from the x509 package.

Index

• func CRLToString(crl *x509.CertificateList) string
• func CertificateFromPEM(pemBytes string) (*x509.Certificate, error)
• func CertificateToString(cert *x509.Certificate) string
• func Fuzz(data []byte) int
• func GeneralNamesToString(gname *x509.GeneralNames) string
• func GetIssuer(cert *x509.Certificate, client *http.Client) (*x509.Certificate, error)
• func NameToString(name pkix.Name) string
• func OIDForStandardExtension(oid asn1.ObjectIdentifier) bool
• func OIDInExtensions(oid asn1.ObjectIdentifier, extensions []pkix.Extension) (int, bool)
• func OtherNameToString(other x509.OtherName) string
• func ReadFileOrURL(target string, client *http.Client) ([]byte, error)
• func ReadPossiblePEMFile(filename, blockname string) ([][]byte, error)
• func ReadPossiblePEMURL(target, blockname string) ([][]byte, error)
• func RevocationReasonToString(reason x509.RevocationReasonCode) string

Functions

func CRLToString

func CRLToString(crl *x509.CertificateList) string

CRLToString generates a string describing the given certificate revocation list. The output roughly resembles that from openssl crl -text.

func CertificateFromPEM

func CertificateFromPEM(pemBytes string) (*x509.Certificate, error)

CertificateFromPEM takes a string representing a certificate in PEM format and returns the corresponding x509.Certificate object.

func CertificateToString

func CertificateToString(cert *x509.Certificate) string

CertificateToString generates a string describing the given certificate. The output roughly resembles that from openssl x509 -text.

func Fuzz

func Fuzz(data []byte) int

Fuzz is a go-fuzz (https://github.com/dvyukov/go-fuzz) entrypoint for fuzzing the parsing of X509 certificates.

func GeneralNamesToString

func GeneralNamesToString(gname *x509.GeneralNames) string

GeneralNamesToString creates a string description of an x509.GeneralNames object.

func GetIssuer

func GetIssuer(cert *x509.Certificate, client *http.Client) (*x509.Certificate, error)

GetIssuer attempts to retrieve the issuer for a certificate, by examining the cert's Authority Information Access extension (if present) for the issuer's URL and retrieving from there.

func NameToString

func NameToString(name pkix.Name) string

NameToString creates a string description of a pkix.Name object.

func OIDForStandardExtension

func OIDForStandardExtension(oid asn1.ObjectIdentifier) bool

OIDForStandardExtension indicates whether oid identifies a standard extension. Standard extensions are listed in RFC 5280 (and other RFCs).

func OIDInExtensions

func OIDInExtensions(oid asn1.ObjectIdentifier, extensions []pkix.Extension) (int, bool)

OIDInExtensions checks whether the extension identified by oid is present in extensions and returns how many times it occurs together with an indication of whether any of them are marked critical.

func OtherNameToString

func OtherNameToString(other x509.OtherName) string

OtherNameToString creates a string description of an x509.OtherName object.

func ReadFileOrURL

func ReadFileOrURL(target string, client *http.Client) ([]byte, error)

ReadFileOrURL returns the data from a target which may be either a filename or an HTTP(S) URL.

func ReadPossiblePEMFile

func ReadPossiblePEMFile(filename, blockname string) ([][]byte, error)

ReadPossiblePEMFile loads data from a file which may be in DER format or may be in PEM format (with the given blockname).

func ReadPossiblePEMURL

func ReadPossiblePEMURL(target, blockname string) ([][]byte, error)

ReadPossiblePEMURL attempts to determine if the given target is a local file or a URL, and return the file contents regardless. It also copes with either PEM or DER format data.

func RevocationReasonToString

func RevocationReasonToString(reason x509.RevocationReasonCode) string

RevocationReasonToString generates a string describing a revocation reason code.