pem

package
v0.12.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 7, 2023 License: BSD-3-Clause Imports: 5 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	BlockPublicKey          = "PUBLIC KEY"
	BlockPrivateKey         = "PRIVATE KEY"
	BlockRSAPublicKey       = "RSA PUBLIC KEY"
	BlockRSAPrivateKey      = "RSA PRIVATE KEY"
	BlockECPrivateKey       = "EC PRIVATE KEY"
	BlockCertificate        = "CERTIFICATE"
	BlockCertificateRequest = "CERTIFICATE REQUEST"
)

PEM Block types

Variables

View Source 
var (
	ErrDecodePrivateKey  = errors.New("could not decode PEM private key")
	ErrDecodePublicKey   = errors.New("could not decode PEM public key")
	ErrDecodeCertificate = errors.New("could not decode PEM certificate")
	ErrDecodeCSR         = errors.New("could not decode PEM certificate request")
)

Functions

func DecodeCSR 

func DecodeCSR(in []byte) (*x509.CertificateRequest, error)

DecodeCSR from PEM encoded block with type "CERTIFICATE REQUEST"

func DecodeCertificate 

func DecodeCertificate(in []byte) (*x509.Certificate, error)

DecodeCertificate from PEM encoded block with type "CERTIFICATE"

func DecodePrivateKey 

func DecodePrivateKey(in []byte) (interface{}, error)

DecodePrivateKey from a PEM encoded block. If the block type is "EC PRIVATE KEY", then the block is parsed as an EC private key in SEC 1, ASN.1 DER form. If the block is "RSA PRIVATE KEY" then it is decoded as a PKCS 1, ASN.1 DER form. If the block type is "PRIVATE KEY", the block is decoded as a PKCS 8 ASN.1 DER key, if that fails, then the PKCS 1 and EC parsers are tried in that order, before returning an error.

func DecodePublicKey 

func DecodePublicKey(in []byte) (interface{}, error)

DecodePublicKey from a PEM encoded block. If the block type is "RSA PUBLIC KEY", then it is deocded as a PKCS 1, ASN.1 DER form. If the block is "PUBLIC KEY", then it is decoded from PKIX ASN1.1 DER form.

func EncodeCSR 

func EncodeCSR(c *x509.CertificateRequest) ([]byte, error)

EncodeCSR and write a PEM block with type "CERTIFICATE REQUEST"

func EncodeCertificate 

func EncodeCertificate(c *x509.Certificate) ([]byte, error)

EncodeCertificate and write a PEM block with type "CERTIFICATE"

func EncodePrivateKey 

func EncodePrivateKey(key interface{}) ([]byte, error)

EncodePrivateKey as a PKCS8 ASN.1 DER key and write a PEM block with type "PRIVATE KEY"

func EncodePublicKey 

func EncodePublicKey(key interface{}) ([]byte, error)

EncodePublicKey as a PKIX ASN1.1 DER key and write a PEM block with type "PUBLIC KEY"

func ParsePrivateKey 

func ParsePrivateKey(block *pem.Block) (interface{}, error)

ParsePrivateKey from PEM block. May return an *ecdsa.PrivateKey, *rsa.PrivateKey, or ed25519.PrivateKey depending on the block type and the x509 parsing method.

func ParsePublicKey 

func ParsePublicKey(block *pem.Block) (interface{}, error)

Types

type Block 

type Block struct {
	pem.Block
}

Block wraps a pem.Block and adds type-specific decoding functions.

func (*Block) DecodeCSR 

func (b *Block) DecodeCSR() (*x509.CertificateRequest, error)

DecodeCSR from PEM encoded block with type "CERTIFICATE REQUEST"

func (*Block) DecodeCertificate 

func (b *Block) DecodeCertificate() (*x509.Certificate, error)

DecodeCertificate from PEM encoded block with type "CERTIFICATE"

func (*Block) DecodePrivateKey 

func (b *Block) DecodePrivateKey() (interface{}, error)

DecodePrivateKey from a PEM encoded block. If the block type is "EC PRIVATE KEY", then the block is parsed as an EC private key in SEC 1, ASN.1 DER form. If the block is "RSA PRIVATE KEY" then it is decoded as a PKCS 1, ASN.1 DER form. If the block type is "PRIVATE KEY", the block is decoded as a PKCS 8 ASN.1 DER key, if that fails, then the PKCS 1 and EC parsers are tried in that order, before returning an error.

func (*Block) DecodePublicKey 

func (b *Block) DecodePublicKey() (interface{}, error)

DecodePublicKey from a PEM encoded block. If the block type is "RSA PUBLIC KEY", then it is deocded as a PKCS 1, ASN.1 DER form. If the block is "PUBLIC KEY", then it is decoded from PKIX ASN1.1 DER form.

type Reader 

type Reader struct {
	// contains filtered or unexported fields
}

Reader wraps an io.ReadCloser in order to decode bytes from the underlying data. As data is decoded from the underlying reader it is freed from memory and cannot be read again. A typical use case is to create a reader to loop over all blocks in the underlying data as though it were an iterator.

func NewReader 

func NewReader(r io.Reader) (_ *Reader, err error)

func (*Reader) Close 

func (r *Reader) Close() error

Close the underlying writer if it is a closer, otherwise simply returns nil.

func (*Reader) Decode 

func (r *Reader) Decode() *Block

Decode the next block and move the cursor. If block is nil then no block was able to be decoded and the rest of the data can be read using the Read function.

func (*Reader) Next 

func (r *Reader) Next() bool

Next is used to determine if there is a next block of data that can be read and is typically used for iteration over all of the blocks in a PEM encoded file.

func (*Reader) Read 

func (r *Reader) Read(p []byte) (int, error)

Read allows the user to read any remaining data that has not been parsed by the PEM decoder. This is useful if there is any trailing data in the reader that is not PEM encoded, or if the user would like inspect the data without interrupting the read.

type Writer 

type Writer struct {
	// contains filtered or unexported fields
}

Writer wraps an io.WriteCloser and allows users to write multiple PEM encoded blocks to the underlying writer. Unlike pem.Encode the writer has type specific encoders to make it easier to write data from different types. This writer is not thread-safe.

func NewWriter 

func NewWriter(w io.Writer) *Writer

func (*Writer) Close 

func (w *Writer) Close() error

Close the underlying writer if it is a closer, otherwise simply returns nil.

func (*Writer) Encode 

func (w *Writer) Encode(block *pem.Block) error

Encode is shorthand for pem.Encode writing a block fo data to the writer.

func (*Writer) EncodeCSR 

func (w *Writer) EncodeCSR(c *x509.CertificateRequest) error

EncodeCSR and write a PEM block with type "CERTIFICATE REQUEST"

func (*Writer) EncodeCertificate 

func (w *Writer) EncodeCertificate(c *x509.Certificate) error

EncodeCertificate and write a PEM block with type "CERTIFICATE"

func (*Writer) EncodePrivateKey 

func (w *Writer) EncodePrivateKey(key interface{}) error

EncodePrivateKey as a PKCS8 ASN.1 DER key and write a PEM block with type "PRIVATE KEY"

func (*Writer) EncodePublicKey 

func (w *Writer) EncodePublicKey(key interface{}) error

EncodePublicKey as a PKIX ASN1.1 DER key and write a PEM block with type "PUBLIC KEY"

func (*Writer) Write 

func (w *Writer) Write(p []byte) (int, error)

Write data to the underlying writer, bypassing any PEM encoding. Write is not safe for concurrent use even if the underlying writer is. Generally speaking this function is used with pem.Encode(writer, block) though writer.Encode is also an alias.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.