README
¶
cert-utils
Shared utility functions for manipulating certs and keys
Documentation
¶
Index ¶
- Variables
- func AddEncryptionTargetKey(template *x509.Certificate, key *ecdsa.PublicKey) error
- func CertHash(cert *x509.Certificate) string
- func CertToPem(cert *x509.Certificate) string
- func CreateCACert(accountID string, pub *ecdsa.PublicKey, priv crypto.Signer, now time.Time) (*x509.Certificate, error)
- func CreateCACertTemplate(accountID string, now time.Time) (*x509.Certificate, error)
- func CreateDeviceCert(caCert *x509.Certificate, caSigner crypto.Signer, accountID string, ...) (*x509.Certificate, error)
- func CreateDeviceCertTemplate(caCert *x509.Certificate, accountID string, deviceName string, ...) (*x509.Certificate, error)
- func GenerateSerial() (*big.Int, error)
- func GetEncryptionTargetKey(cert *x509.Certificate) (*ecdsa.PublicKey, error)
- func PemFromPubKey(pub *ecdsa.PublicKey) (string, error)
- func PemToCert(s string) (*x509.Certificate, error)
- func PubKeyFromPEM(s string) (*ecdsa.PublicKey, error)
- func PubKeyHash(key *ecdsa.PublicKey) (string, error)
- func UniqueHashes(hashes ...string) bool
- func VerifyDeviceSignature(ca *x509.Certificate, cert *x509.Certificate, now time.Time) error
Constants ¶
This section is empty.
Variables ¶
var EncryptionTargetKeyExtensionOID = []int{1, 3, 9942, 1, 1}
Functions ¶
func AddEncryptionTargetKey ¶ added in v1.1.0
func AddEncryptionTargetKey(template *x509.Certificate, key *ecdsa.PublicKey) error
AddEncryptionTargetKey adds a Scott Pass EncryptionTargetKey extension to a certificate template.
func CertHash ¶
func CertHash(cert *x509.Certificate) string
CertHash returns the SHA256 hash of a certificate's DER encoding
func CertToPem ¶
func CertToPem(cert *x509.Certificate) string
CertToPem converts a certificate to a PEM encoded string
func CreateCACert ¶ added in v1.5.0
func CreateCACert(accountID string, pub *ecdsa.PublicKey, priv crypto.Signer, now time.Time) (*x509.Certificate, error)
CreateCACert creates a CA certificate
func CreateCACertTemplate ¶ added in v1.7.0
CreateCACertTemplate creates a template for a CA certificate
func CreateDeviceCert ¶ added in v1.5.0
func CreateDeviceCert( caCert *x509.Certificate, caSigner crypto.Signer, accountID string, deviceName string, baseUrl *url.URL, pub *ecdsa.PublicKey, pubEncryption *ecdsa.PublicKey, now time.Time, ) (*x509.Certificate, error)
CreateDeviceCert creates a device certificate
func CreateDeviceCertTemplate ¶ added in v1.7.0
func CreateDeviceCertTemplate( caCert *x509.Certificate, accountID string, deviceName string, baseUrl *url.URL, pubEncryption *ecdsa.PublicKey, now time.Time, ) (*x509.Certificate, error)
CreateDeviceCertTemplate creates a template for a device certificate
func GenerateSerial ¶ added in v1.5.0
GenerateSerial generates a random serial number for a certificate, using 126s bit of entropy.
func GetEncryptionTargetKey ¶ added in v1.1.0
func GetEncryptionTargetKey(cert *x509.Certificate) (*ecdsa.PublicKey, error)
GetEncryptionTargetKey returns the key encoded in the Scott Pass EncryptionTargetKey extension attached to a cert or an error if no such extension is present.
func PemFromPubKey ¶
PemFromPubKey converts an ECDSA public key to a PEM encoded string
func PemToCert ¶
func PemToCert(s string) (*x509.Certificate, error)
PemToCert converts a PEM encoded string to a certificate
func PubKeyFromPEM ¶
PubKeyFromPEM converts a PEM encoded public key to an ECDSA public key
func PubKeyHash ¶
PubKeyHash returns the SHA256 hash of a public key's DER encoding
func UniqueHashes ¶ added in v1.3.0
func VerifyDeviceSignature ¶ added in v1.12.0
func VerifyDeviceSignature(ca *x509.Certificate, cert *x509.Certificate, now time.Time) error
Types ¶
This section is empty.
Source Files
Directories