Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security Policy
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

x509

package

Go to main page

Versions in this module

v1

v1.0.1

Jun 29, 2022

Changes in this version

+ const OID_EKU_ADOBE_AUTHENTIC_DOCUMENT_TRUST

+ const OID_EKU_ANY

+ const OID_EKU_APPLE_CODE_SIGNING

+ const OID_EKU_APPLE_CODE_SIGNING_DEVELOPMENT

+ const OID_EKU_APPLE_CODE_SIGNING_THIRD_PARTY

+ const OID_EKU_APPLE_CRYPTO_DEVELOPMENT_ENV

+ const OID_EKU_APPLE_CRYPTO_ENV

+ const OID_EKU_APPLE_CRYPTO_MAINTENANCE_ENV

+ const OID_EKU_APPLE_CRYPTO_PRODUCTION_ENV

+ const OID_EKU_APPLE_CRYPTO_QOS

+ const OID_EKU_APPLE_CRYPTO_TEST_ENV

+ const OID_EKU_APPLE_CRYPTO_TIER0_QOS

+ const OID_EKU_APPLE_CRYPTO_TIER1_QOS

+ const OID_EKU_APPLE_CRYPTO_TIER2_QOS

+ const OID_EKU_APPLE_CRYPTO_TIER3_QOS

+ const OID_EKU_APPLE_ICHAT_ENCRYPTION

+ const OID_EKU_APPLE_ICHAT_SIGNING

+ const OID_EKU_APPLE_RESOURCE_SIGNING

+ const OID_EKU_APPLE_SOFTWARE_UPDATE_SIGNING

+ const OID_EKU_APPLE_SYSTEM_IDENTITY

+ const OID_EKU_CLIENT_AUTH

+ const OID_EKU_CODE_SIGNING

+ const OID_EKU_DVCS

+ const OID_EKU_EAP_OVER_LAN

+ const OID_EKU_EAP_OVER_PPP

+ const OID_EKU_EMAIL_PROTECTION

+ const OID_EKU_IPSEC_END_SYSTEM

+ const OID_EKU_IPSEC_INTERMEDIATE_SYSTEM_USAGE

+ const OID_EKU_IPSEC_TUNNEL

+ const OID_EKU_IPSEC_USER

+ const OID_EKU_MICROSOFT_CA_EXCHANGE

+ const OID_EKU_MICROSOFT_CERT_TRUST_LIST_SIGNING

+ const OID_EKU_MICROSOFT_CSP_SIGNATURE

+ const OID_EKU_MICROSOFT_DOCUMENT_SIGNING

+ const OID_EKU_MICROSOFT_DRM

+ const OID_EKU_MICROSOFT_DRM_INDIVIDUALIZATION

+ const OID_EKU_MICROSOFT_EFS_RECOVERY

+ const OID_EKU_MICROSOFT_EMBEDDED_NT_CRYPTO

+ const OID_EKU_MICROSOFT_ENCRYPTED_FILE_SYSTEM

+ const OID_EKU_MICROSOFT_ENROLLMENT_AGENT

+ const OID_EKU_MICROSOFT_KERNEL_MODE_CODE_SIGNING

+ const OID_EKU_MICROSOFT_KEY_RECOVERY_21

+ const OID_EKU_MICROSOFT_KEY_RECOVERY_3

+ const OID_EKU_MICROSOFT_LICENSES

+ const OID_EKU_MICROSOFT_LICENSE_SERVER

+ const OID_EKU_MICROSOFT_LIFETIME_SIGNING

+ const OID_EKU_MICROSOFT_MOBILE_DEVICE_SOFTWARE

+ const OID_EKU_MICROSOFT_NT5_CRYPTO

+ const OID_EKU_MICROSOFT_OEM_WHQL_CRYPTO

+ const OID_EKU_MICROSOFT_QUALIFIED_SUBORDINATE

+ const OID_EKU_MICROSOFT_ROOT_LIST_SIGNER

+ const OID_EKU_MICROSOFT_SERVER_GATED_CRYPTO

+ const OID_EKU_MICROSOFT_SGC_SERIALIZED

+ const OID_EKU_MICROSOFT_SMARTCARD_LOGON

+ const OID_EKU_MICROSOFT_SMART_DISPLAY

+ const OID_EKU_MICROSOFT_SYSTEM_HEALTH

+ const OID_EKU_MICROSOFT_SYSTEM_HEALTH_LOOPHOLE

+ const OID_EKU_MICROSOFT_TIMESTAMP_SIGNING

+ const OID_EKU_MICROSOFT_WHQL_CRYPTO

+ const OID_EKU_NETSCAPE_SERVER_GATED_CRYPTO

+ const OID_EKU_OCSP_SIGNING

+ const OID_EKU_SBGP_CERT_AA_SERVICE_AUTH

+ const OID_EKU_SERVER_AUTH

+ const OID_EKU_TIME_STAMPING

+ var DomainValidationOIDs = map[string]interface

+ var ErrUnsupportedAlgorithm = errors.New("x509: cannot verify signature: algorithm unimplemented")

+ var ExtendedValidationOIDs = map[string]interface

+ var IncorrectPasswordError = errors.New("x509: decryption password incorrect")

+ var OrganizationValidationOIDs = map[string]interface

+ func CheckSignatureFromKey(publicKey interface{}, algo SignatureAlgorithm, signed, signature []byte) (err error)

+ func CreateCertificate(rand io.Reader, template, parent *Certificate, pub, priv interface{}) (cert []byte, err error)

+ func CreateCertificateRequest(rand io.Reader, template *CertificateRequest, priv interface{}) (csr []byte, err error)

+ func DecryptPEMBlock(b *pem.Block, password []byte) ([]byte, error)

+ func EncryptPEMBlock(rand io.Reader, blockType string, data, password []byte, alg PEMCipher) (*pem.Block, error)

+ func GetRSAPublicKeyJSON(key *rsa.PublicKey) *jsonKeys.RSAPublicKey

+ func IsEncryptedPEMBlock(b *pem.Block) bool

+ func MarshalECPrivateKey(key *ecdsa.PrivateKey) ([]byte, error)

+ func MarshalPKCS1PrivateKey(key *rsa.PrivateKey) []byte

+ func MarshalPKIXPublicKey(pub interface{}) ([]byte, error)

+ func ParseCRL(crlBytes []byte) (*pkix.CertificateList, error)

+ func ParseDERCRL(derBytes []byte) (*pkix.CertificateList, error)

+ func ParseECPrivateKey(der []byte) (*ecdsa.PrivateKey, error)

+ func ParsePKCS1PrivateKey(der []byte) (*rsa.PrivateKey, error)

+ func ParsePKCS8PrivateKey(der []byte) (key interface{}, err error)

+ func ParsePKIXPublicKey(derBytes []byte) (pub interface{}, err error)

+ type AugmentedECDSA struct

+ Pub *ecdsa.PublicKey

+ Raw asn1.BitString

+ type AuthorityInfoAccess struct

+ IssuingCertificateURL []string

+ OCSPServer []string

+ type BasicConstraints struct

+ IsCA bool

+ MaxPathLen *int

+ type CABFOrganizationIDASN struct

+ RegistrationCountry string

+ RegistrationReference string

+ RegistrationSchemeIdentifier string

+ RegistrationStateOrProvince string

+ type CABFOrganizationIdentifier struct

+ Country string

+ Reference string

+ Scheme string

+ State string

+ type CRLDistributionPoints []string

+ type CertPool struct

+ func NewCertPool() *CertPool

+ func (s *CertPool) AddCert(cert *Certificate)

+ func (s *CertPool) AppendCertsFromPEM(pemCerts []byte) (ok bool)

+ func (s *CertPool) Certificates() []*Certificate

+ func (s *CertPool) Contains(c *Certificate) bool

+ func (s *CertPool) Covers(pool *CertPool) bool

+ func (s *CertPool) Size() int

+ func (s *CertPool) Subjects() [][]byte

+ func (s *CertPool) Sum(other *CertPool) (sum *CertPool)

+ type CertValidationLevel int

+ const DV

+ const EV

+ const OV

+ const UnknownValidationLevel

+ func (c *CertValidationLevel) MarshalJSON() ([]byte, error)

+ func (i CertValidationLevel) String() string

+ type Certificate struct

+ AuthorityKeyId []byte

+ BasicConstraintsValid bool

+ CABFOrganizationIdentifier *CABFOrganizationIdentifier

+ CPSuri [][]string

+ CRLDistributionPoints []string

+ DNSNames []string

+ DirectoryNames []pkix.Name

+ EDIPartyNames []pkix.EDIPartyName

+ EmailAddresses []string

+ ExcludedDNSNames []GeneralSubtreeString

+ ExcludedDirectoryNames []GeneralSubtreeName

+ ExcludedEdiPartyNames []GeneralSubtreeEdi

+ ExcludedEmailAddresses []GeneralSubtreeString

+ ExcludedIPAddresses []GeneralSubtreeIP

+ ExcludedRegisteredIDs []GeneralSubtreeOid

+ ExcludedURIs []GeneralSubtreeString

+ ExcludedX400Addresses []GeneralSubtreeRaw

+ ExplicitTexts [][]asn1.RawValue

+ ExtKeyUsage []ExtKeyUsage

+ Extensions []pkix.Extension

+ ExtensionsMap map[string]pkix.Extension

+ ExtraExtensions []pkix.Extension

+ FailedToParseNames []asn1.RawValue

+ FingerprintMD5 CertificateFingerprint

+ FingerprintNoCT CertificateFingerprint

+ FingerprintSHA1 CertificateFingerprint

+ FingerprintSHA256 CertificateFingerprint

+ IANDNSNames []string

+ IANDirectoryNames []pkix.Name

+ IANEDIPartyNames []pkix.EDIPartyName

+ IANEmailAddresses []string

+ IANIPAddresses []net.IP

+ IANOtherNames []pkix.OtherName

+ IANRegisteredIDs []asn1.ObjectIdentifier

+ IANURIs []string

+ IPAddresses []net.IP

+ IsCA bool

+ IsPrecert bool

+ Issuer pkix.Name

+ IssuerUniqueId asn1.BitString

+ IssuingCertificateURL []string

+ KeyUsage KeyUsage

+ MaxPathLen int

+ MaxPathLenZero bool

+ NameConstraintsCritical bool

+ NotAfter time.Time

+ NotBefore time.Time

+ NoticeRefNumbers [][]NoticeNumber

+ NoticeRefOrgnization [][]asn1.RawValue

+ OCSPServer []string

+ OtherNames []pkix.OtherName

+ ParsedExplicitTexts [][]string

+ ParsedNoticeRefOrganization [][]string

+ PermittedDNSNames []GeneralSubtreeString

+ PermittedDirectoryNames []GeneralSubtreeName

+ PermittedEdiPartyNames []GeneralSubtreeEdi

+ PermittedEmailAddresses []GeneralSubtreeString

+ PermittedIPAddresses []GeneralSubtreeIP

+ PermittedRegisteredIDs []GeneralSubtreeOid

+ PermittedURIs []GeneralSubtreeString

+ PermittedX400Addresses []GeneralSubtreeRaw

+ PolicyIdentifiers []asn1.ObjectIdentifier

+ PublicKey interface{}

+ PublicKeyAlgorithm PublicKeyAlgorithm

+ PublicKeyAlgorithmOID asn1.ObjectIdentifier

+ QCStatements *QCStatements

+ QualifierId [][]asn1.ObjectIdentifier

+ Raw []byte

+ RawIssuer []byte

+ RawSubject []byte

+ RawSubjectPublicKeyInfo []byte

+ RawTBSCertificate []byte

+ RegisteredIDs []asn1.ObjectIdentifier

+ SPKIFingerprint CertificateFingerprint

+ SPKISubjectFingerprint CertificateFingerprint

+ SelfSigned bool

+ SerialNumber *big.Int

+ Signature []byte

+ SignatureAlgorithm SignatureAlgorithm

+ SignatureAlgorithmOID asn1.ObjectIdentifier

+ SignedCertificateTimestampList []*ct.SignedCertificateTimestamp

+ Subject pkix.Name

+ SubjectKeyId []byte

+ SubjectUniqueId asn1.BitString

+ TBSCertificateFingerprint CertificateFingerprint

+ TorServiceDescriptors []*TorServiceDescriptorHash

+ URIs []string

+ UnhandledCriticalExtensions []asn1.ObjectIdentifier

+ UnknownExtKeyUsage []asn1.ObjectIdentifier

+ ValidationLevel CertValidationLevel

+ ValidityPeriod int

+ Version int

+ func ParseCertificate(asn1Data []byte) (*Certificate, error)

+ func ParseCertificates(asn1Data []byte) ([]*Certificate, error)

+ func ParseTBSCertificate(asn1Data []byte) (*Certificate, error)

+ func (c *Certificate) CheckCRLSignature(crl *pkix.CertificateList) error

+ func (c *Certificate) CheckSignature(algo SignatureAlgorithm, signed, signature []byte) (err error)

+ func (c *Certificate) CheckSignatureFrom(parent *Certificate) (err error)

+ func (c *Certificate) CollectAllNames() []string

+ func (c *Certificate) CreateCRL(rand io.Reader, priv interface{}, revokedCerts []pkix.RevokedCertificate, ...) (crlBytes []byte, err error)

+ func (c *Certificate) Equal(other *Certificate) bool

+ func (c *Certificate) GetParsedDNSNames(invalidateCache bool) []ParsedDomainName

+ func (c *Certificate) GetParsedSubjectCommonName(invalidateCache bool) ParsedDomainName

+ func (c *Certificate) MarshalJSON() ([]byte, error)

+ func (c *Certificate) PublicKeyAlgorithmName() string

+ func (c *Certificate) SignatureAlgorithmName() string

+ func (c *Certificate) SubjectAndKey() *SubjectAndKey

+ func (c *Certificate) TimeInValidityPeriod(t time.Time) bool

+ func (c *Certificate) UnmarshalJSON(b []byte) error

+ func (c *Certificate) ValidateWithStupidDetail(opts VerifyOptions) (chains []CertificateChain, validation *Validation, err error)

+ func (c *Certificate) Verify(opts VerifyOptions) (current, expired, never []CertificateChain, err error)

+ func (c *Certificate) VerifyHostname(h string) error

+ type CertificateChain []*Certificate

+ func FilterByDate(chains []CertificateChain, now time.Time) (current, expired, never []CertificateChain)

+ func (chain CertificateChain) AppendToFreshChain(c *Certificate) CertificateChain

+ func (chain CertificateChain) CertificateInChain(c *Certificate) bool

+ func (chain CertificateChain) CertificateSubjectAndKeyInChain(c *Certificate) bool

+ func (chain CertificateChain) Range(f func(int, *Certificate))

+ func (chain CertificateChain) SubjectAndKeyInChain(sk *SubjectAndKey) bool

+ type CertificateExtensions struct

+ AuthKeyID SubjAuthKeyId

+ AuthorityInfoAccess *AuthorityInfoAccess

+ BasicConstraints *BasicConstraints

+ CABFOrganizationIdentifier *CABFOrganizationIdentifier

+ CRLDistributionPoints CRLDistributionPoints

+ CertificatePolicies *CertificatePoliciesData

+ ExtendedKeyUsage *ExtendedKeyUsageExtension

+ IsPrecert IsPrecert

+ IssuerAltName *GeneralNames

+ KeyUsage KeyUsage

+ NameConstraints *NameConstraints

+ QCStatements *QCStatements

+ SignedCertificateTimestampList []*ct.SignedCertificateTimestamp

+ SubjectAltName *GeneralNames

+ SubjectKeyID SubjAuthKeyId

+ TorServiceDescriptors []*TorServiceDescriptorHash

+ type CertificateFingerprint []byte

+ func MD5Fingerprint(data []byte) CertificateFingerprint

+ func SHA1Fingerprint(data []byte) CertificateFingerprint

+ func SHA256Fingerprint(data []byte) CertificateFingerprint

+ func SHA512Fingerprint(data []byte) CertificateFingerprint

+ func (f *CertificateFingerprint) MarshalJSON() ([]byte, error)

+ func (f CertificateFingerprint) Equal(other CertificateFingerprint) bool

+ func (f CertificateFingerprint) Hex() string

+ type CertificateInvalidError struct

+ Cert *Certificate

+ Reason InvalidReason

+ func (e CertificateInvalidError) Error() string

+ type CertificatePolicies []CertificatePoliciesJSON

+ type CertificatePoliciesData struct

+ CPSUri [][]string

+ ExplicitTexts [][]string

+ NoticeRefNumbers [][]NoticeNumber

+ NoticeRefOrganization [][]string

+ PolicyIdentifiers []asn1.ObjectIdentifier

+ QualifierId [][]asn1.ObjectIdentifier

+ func (cp *CertificatePoliciesData) MarshalJSON() ([]byte, error)

+ type CertificatePoliciesJSON struct

+ CPSUri []string

+ PolicyIdentifier string

+ UserNotice []UserNoticeData

+ type CertificateRequest struct

+ Attributes []pkix.AttributeTypeAndValueSET

+ DNSNames []string

+ EmailAddresses []string

+ Extensions []pkix.Extension

+ ExtraExtensions []pkix.Extension

+ IPAddresses []net.IP

+ PublicKey interface{}

+ PublicKeyAlgorithm PublicKeyAlgorithm

+ Raw []byte

+ RawSubject []byte

+ RawSubjectPublicKeyInfo []byte

+ RawTBSCertificateRequest []byte

+ Signature []byte

+ SignatureAlgorithm SignatureAlgorithm

+ Subject pkix.Name

+ Version int

+ func ParseCertificateRequest(asn1Data []byte) (*CertificateRequest, error)

+ func (c *CertificateRequest) CheckSignature() error

+ type CertificateType int

+ const CertificateTypeIntermediate

+ const CertificateTypeLeaf

+ const CertificateTypeRoot

+ const CertificateTypeUnknown

+ func (t *CertificateType) UnmarshalJSON(b []byte) error

+ func (t CertificateType) MarshalJSON() ([]byte, error)

+ type ConstraintViolationError struct

+ func (ConstraintViolationError) Error() string

+ type DSAPublicKeyJSON struct

+ G []byte

+ P []byte

+ Q []byte

+ Y []byte

+ func GetDSAPublicKeyJSON(key *dsa.PublicKey) *DSAPublicKeyJSON

+ type ECDSAPublicKeyJSON struct

+ B []byte

+ Curve string

+ Gx []byte

+ Gy []byte

+ Length int

+ N []byte

+ P []byte

+ Pub []byte

+ X []byte

+ Y []byte

+ func GetAugmentedECDSAPublicKeyJSON(key *AugmentedECDSA) *ECDSAPublicKeyJSON

+ func GetECDSAPublicKeyJSON(key *ecdsa.PublicKey) *ECDSAPublicKeyJSON

+ type ExtKeyUsage int

+ const ExtKeyUsageAdobeAuthenticDocumentTrust

+ const ExtKeyUsageAny

+ const ExtKeyUsageAppleCodeSigning

+ const ExtKeyUsageAppleCodeSigningDevelopment

+ const ExtKeyUsageAppleCodeSigningThirdParty

+ const ExtKeyUsageAppleCryptoDevelopmentEnv

+ const ExtKeyUsageAppleCryptoEnv

+ const ExtKeyUsageAppleCryptoMaintenanceEnv

+ const ExtKeyUsageAppleCryptoProductionEnv

+ const ExtKeyUsageAppleCryptoQos

+ const ExtKeyUsageAppleCryptoTestEnv

+ const ExtKeyUsageAppleCryptoTier0Qos

+ const ExtKeyUsageAppleCryptoTier1Qos

+ const ExtKeyUsageAppleCryptoTier2Qos

+ const ExtKeyUsageAppleCryptoTier3Qos

+ const ExtKeyUsageAppleIchatEncryption

+ const ExtKeyUsageAppleIchatSigning

+ const ExtKeyUsageAppleResourceSigning

+ const ExtKeyUsageAppleSoftwareUpdateSigning

+ const ExtKeyUsageAppleSystemIdentity

+ const ExtKeyUsageClientAuth

+ const ExtKeyUsageCodeSigning

+ const ExtKeyUsageDvcs

+ const ExtKeyUsageEapOverLan

+ const ExtKeyUsageEapOverPpp

+ const ExtKeyUsageEmailProtection

+ const ExtKeyUsageIpsecEndSystem

+ const ExtKeyUsageIpsecIntermediateSystemUsage

+ const ExtKeyUsageIpsecTunnel

+ const ExtKeyUsageIpsecUser

+ const ExtKeyUsageMicrosoftCaExchange

+ const ExtKeyUsageMicrosoftCertTrustListSigning

+ const ExtKeyUsageMicrosoftCspSignature

+ const ExtKeyUsageMicrosoftDocumentSigning

+ const ExtKeyUsageMicrosoftDrm

+ const ExtKeyUsageMicrosoftDrmIndividualization

+ const ExtKeyUsageMicrosoftEfsRecovery

+ const ExtKeyUsageMicrosoftEmbeddedNtCrypto

+ const ExtKeyUsageMicrosoftEncryptedFileSystem

+ const ExtKeyUsageMicrosoftEnrollmentAgent

+ const ExtKeyUsageMicrosoftKernelModeCodeSigning

+ const ExtKeyUsageMicrosoftKeyRecovery21

+ const ExtKeyUsageMicrosoftKeyRecovery3

+ const ExtKeyUsageMicrosoftLicenseServer

+ const ExtKeyUsageMicrosoftLicenses

+ const ExtKeyUsageMicrosoftLifetimeSigning

+ const ExtKeyUsageMicrosoftMobileDeviceSoftware

+ const ExtKeyUsageMicrosoftNt5Crypto

+ const ExtKeyUsageMicrosoftOemWhqlCrypto

+ const ExtKeyUsageMicrosoftQualifiedSubordinate

+ const ExtKeyUsageMicrosoftRootListSigner

+ const ExtKeyUsageMicrosoftServerGatedCrypto

+ const ExtKeyUsageMicrosoftSgcSerialized

+ const ExtKeyUsageMicrosoftSmartDisplay

+ const ExtKeyUsageMicrosoftSmartcardLogon

+ const ExtKeyUsageMicrosoftSystemHealth

+ const ExtKeyUsageMicrosoftSystemHealthLoophole

+ const ExtKeyUsageMicrosoftTimestampSigning

+ const ExtKeyUsageMicrosoftWhqlCrypto

+ const ExtKeyUsageNetscapeServerGatedCrypto

+ const ExtKeyUsageOcspSigning

+ const ExtKeyUsageSbgpCertAaServiceAuth

+ const ExtKeyUsageServerAuth

+ const ExtKeyUsageTimeStamping

+ type ExtendedKeyUsage []ExtKeyUsage

+ type ExtendedKeyUsageExtension struct

+ Known ExtendedKeyUsage

+ Unknown []asn1.ObjectIdentifier

+ func (e *ExtendedKeyUsageExtension) MarshalJSON() ([]byte, error)

+ func (e *ExtendedKeyUsageExtension) UnmarshalJSON(b []byte) error

+ type GeneralNames struct

+ DNSNames []string

+ DirectoryNames []pkix.Name

+ EDIPartyNames []pkix.EDIPartyName

+ EmailAddresses []string

+ IPAddresses []net.IP

+ OtherNames []pkix.OtherName

+ RegisteredIDs []asn1.ObjectIdentifier

+ URIs []string

+ func (gn *GeneralNames) MarshalJSON() ([]byte, error)

+ func (gn *GeneralNames) UnmarshalJSON(b []byte) error

+ type GeneralSubtreeEdi struct

+ Data pkix.EDIPartyName

+ Max int

+ Min int

+ type GeneralSubtreeIP struct

+ Data net.IPNet

+ Max int

+ Min int

+ func (g *GeneralSubtreeIP) MarshalJSON() ([]byte, error)

+ func (g *GeneralSubtreeIP) UnmarshalJSON(b []byte) error

+ type GeneralSubtreeName struct

+ Data pkix.Name

+ Max int

+ Min int

+ type GeneralSubtreeOid struct

+ Data asn1.ObjectIdentifier

+ Max int

+ Min int

+ type GeneralSubtreeRaw struct

+ Data asn1.RawValue

+ Max int

+ Min int

+ type GeneralSubtreeString struct

+ Data string

+ Max int

+ Min int

+ type HostnameError struct

+ Certificate *Certificate

+ Host string

+ func (h HostnameError) Error() string

+ type InsecureAlgorithmError SignatureAlgorithm

+ func (e InsecureAlgorithmError) Error() string

+ type InvalidReason int

+ const CANotAuthorizedForThisDirectory

+ const CANotAuthorizedForThisEmail

+ const CANotAuthorizedForThisIP

+ const CANotAuthorizedForThisName

+ const Expired

+ const IncompatibleUsage

+ const IsSelfSigned

+ const NameMismatch

+ const NeverValid

+ const NotAuthorizedToSign

+ const TooManyIntermediates

+ type IsPrecert bool

+ type JSONCertificate struct

+ Extensions *CertificateExtensions

+ FingerprintMD5 CertificateFingerprint

+ FingerprintNoCT CertificateFingerprint

+ FingerprintSHA1 CertificateFingerprint

+ FingerprintSHA256 CertificateFingerprint

+ Issuer pkix.Name

+ IssuerDN string

+ Names []string

+ Redacted bool

+ SPKISubjectFingerprint CertificateFingerprint

+ SerialNumber string

+ Signature JSONSignature

+ SignatureAlgorithm JSONSignatureAlgorithm

+ Subject pkix.Name

+ SubjectDN string

+ SubjectKeyInfo JSONSubjectKeyInfo

+ TBSCertificateFingerprint CertificateFingerprint

+ UnknownExtensions UnknownCertificateExtensions

+ ValidationLevel CertValidationLevel

+ Validity JSONValidity

+ Version int

+ func (jc *JSONCertificate) UnmarshalJSON(b []byte) error

+ type JSONCertificateWithRaw struct

+ Raw []byte

+ func (c *JSONCertificateWithRaw) ParseRaw() (*Certificate, error)

+ type JSONSignature struct

+ SelfSigned bool

+ SignatureAlgorithm JSONSignatureAlgorithm

+ Valid bool

+ Value []byte

+ type JSONSignatureAlgorithm struct

+ Name string

+ OID pkix.AuxOID

+ type JSONSubjectKeyInfo struct

+ DSAPublicKey *DSAPublicKeyJSON

+ ECDSAPublicKey *ECDSAPublicKeyJSON

+ KeyAlgorithm PublicKeyAlgorithm

+ RSAPublicKey *jsonKeys.RSAPublicKey

+ SPKIFingerprint CertificateFingerprint

+ type JSONValidity struct

+ ValidityPeriod int

+ func (v *JSONValidity) MarshalJSON() ([]byte, error)

+ func (v *JSONValidity) UnmarshalJSON(b []byte) error

+ type KeyUsage int

+ const KeyUsageCRLSign

+ const KeyUsageCertSign

+ const KeyUsageContentCommitment

+ const KeyUsageDataEncipherment

+ const KeyUsageDecipherOnly

+ const KeyUsageDigitalSignature

+ const KeyUsageEncipherOnly

+ const KeyUsageKeyAgreement

+ const KeyUsageKeyEncipherment

+ func (k *KeyUsage) UnmarshalJSON(b []byte) error

+ func (k KeyUsage) MarshalJSON() ([]byte, error)

+ type MonetaryValue struct

+ Amount int

+ Currency string

+ CurrencyNumber int

+ Exponent int

+ type NameConstraints struct

+ Critical bool

+ ExcludedDNSNames []GeneralSubtreeString

+ ExcludedDirectoryNames []GeneralSubtreeName

+ ExcludedEdiPartyNames []GeneralSubtreeEdi

+ ExcludedEmailAddresses []GeneralSubtreeString

+ ExcludedIPAddresses []GeneralSubtreeIP

+ ExcludedRegisteredIDs []GeneralSubtreeOid

+ ExcludedURIs []GeneralSubtreeString

+ PermittedDNSNames []GeneralSubtreeString

+ PermittedDirectoryNames []GeneralSubtreeName

+ PermittedEdiPartyNames []GeneralSubtreeEdi

+ PermittedEmailAddresses []GeneralSubtreeString

+ PermittedIPAddresses []GeneralSubtreeIP

+ PermittedRegisteredIDs []GeneralSubtreeOid

+ PermittedURIs []GeneralSubtreeString

+ func (nc *NameConstraints) UnmarshalJSON(b []byte) error

+ func (nc NameConstraints) MarshalJSON() ([]byte, error)

+ type NameConstraintsJSON struct

+ Critical bool

+ ExcludedDNSNames []string

+ ExcludedDirectoryNames []pkix.Name

+ ExcludedEdiPartyNames []pkix.EDIPartyName

+ ExcludedEmailAddresses []string

+ ExcludedIPAddresses []GeneralSubtreeIP

+ ExcludedRegisteredIDs []string

+ ExcludedURIs []string

+ PermittedDNSNames []string

+ PermittedDirectoryNames []pkix.Name

+ PermittedEdiPartyNames []pkix.EDIPartyName

+ PermittedEmailAddresses []string

+ PermittedIPAddresses []GeneralSubtreeIP

+ PermittedRegisteredIDs []string

+ PermittedURIs []string

+ type NoticeNumber []int

+ type NoticeReference struct

+ NoticeNumbers NoticeNumber

+ Organization string

+ type PDSLocation struct

+ Language string

+ URL string

+ type PDSLocations struct

+ Locations []PDSLocation

+ type PEMCipher int

+ const PEMCipher3DES

+ const PEMCipherAES128

+ const PEMCipherAES192

+ const PEMCipherAES256

+ const PEMCipherDES

+ type ParsedDomainName struct

+ DomainString string

+ ParseError error

+ ParsedDomain *publicsuffix.DomainName

+ type ParsedQCStatements struct

+ ETSICompliance []bool

+ Legislation []QCLegistation

+ Limit []MonetaryValue

+ PDSLocations []PDSLocations

+ RetentionPeriod []int

+ SSCD []bool

+ Types []QCType

+ type PublicKeyAlgorithm int

+ const DSA

+ const ECDSA

+ const Ed25519

+ const RSA

+ const UnknownPublicKeyAlgorithm

+ const X25519

+ func (p *PublicKeyAlgorithm) MarshalJSON() ([]byte, error)

+ func (p *PublicKeyAlgorithm) UnmarshalJSON(b []byte) error

+ func (p PublicKeyAlgorithm) String() string

+ type QCLegistation struct

+ CountryCodes []string

+ type QCStatementASN struct

+ StatementID asn1.ObjectIdentifier

+ StatementInfo asn1.RawValue

+ func (s *QCStatementASN) MarshalJSON() ([]byte, error)

+ type QCStatements struct

+ ParsedStatements *ParsedQCStatements

+ StatementIDs []string

+ func (q *QCStatements) Parse(in *QCStatementsASN) error

+ type QCStatementsASN struct

+ QCStatements []QCStatementASN

+ type QCType struct

+ TypeIdentifiers []asn1.ObjectIdentifier

+ func (qt *QCType) MarshalJSON() ([]byte, error)

+ type SignatureAlgorithm int

+ const DSAWithSHA1

+ const DSAWithSHA256

+ const ECDSAWithSHA1

+ const ECDSAWithSHA256

+ const ECDSAWithSHA384

+ const ECDSAWithSHA512

+ const Ed25519Sig

+ const MD2WithRSA

+ const MD5WithRSA

+ const SHA1WithRSA

+ const SHA256WithRSA

+ const SHA256WithRSAPSS

+ const SHA384WithRSA

+ const SHA384WithRSAPSS

+ const SHA512WithRSA

+ const SHA512WithRSAPSS

+ const UnknownSignatureAlgorithm

+ func GetSignatureAlgorithmFromAI(ai pkix.AlgorithmIdentifier) SignatureAlgorithm

+ func (algo SignatureAlgorithm) String() string

+ func (s *SignatureAlgorithm) MarshalJSON() ([]byte, error)

+ func (s *SignatureAlgorithm) UnmarshalJSON(b []byte) error

+ type SignatureAlgorithmOID asn1.ObjectIdentifier

+ type SubjAuthKeyId []byte

+ func (kid SubjAuthKeyId) MarshalJSON() ([]byte, error)

+ type SubjectAndKey struct

+ Fingerprint CertificateFingerprint

+ PublicKey interface{}

+ PublicKeyAlgorithm PublicKeyAlgorithm

+ RawSubject []byte

+ RawSubjectPublicKeyInfo []byte

+ type SystemRootsError struct

+ Err error

+ func (se SystemRootsError) Error() string

+ type TorServiceDescriptorHash struct

+ Algorithm pkix.AlgorithmIdentifier

+ AlgorithmName string

+ Hash CertificateFingerprint

+ HashBits int

+ Onion string

+ type UnhandledCriticalExtension struct

+ func (h UnhandledCriticalExtension) Error() string

+ type UnknownAuthorityError struct

+ Cert *Certificate

+ func (e UnknownAuthorityError) Error() string

+ type UnknownCertificateExtensions []pkix.Extension

+ type UserNoticeData struct

+ ExplicitText string

+ NoticeReference []NoticeReference

+ type Validation struct

+ BrowserError string

+ BrowserTrusted bool

+ Domain string

+ MatchesDomain bool

+ type VerifyOptions struct

+ CurrentTime time.Time

+ DNSName string

+ EmailAddress string

+ IPAddress net.IP

+ Intermediates *CertPool

+ KeyUsages []ExtKeyUsage

+ Roots *CertPool

+ type X25519PublicKey []byte