pemutil

package
v0.0.2-rc.12
Warning

This package is not in the latest version of its module.

Published: Sep 28, 2018 License: MIT Imports: 22 Imported by: 0

Documentation


Constants

This section is empty.

Variables

var DefaultEncCipher = x509.PEMCipherAES256

DefaultEncCipher is the default algorithm used when encrypting sensitive data in the PEM format.

Functions

func DecryptPEMBlock

func DecryptPEMBlock(block *pem.Block, password []byte) ([]byte, error)

DecryptPEMBlock takes a password-encrypted PEM block and the password used to encrypt it, and returns a slice of decrypted DER-encoded bytes.

If the PEM block has the Proc-Type header set to "4,ENCRYPTED", it uses x509.DecryptPEMBlock to decrypt the block. If not, it tries to decrypt the block with AES-128-CBC, AES-192-CBC, AES-256-CBC, DES, or 3DES, using a key derived with PBKDF2 from the given password.
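The legacy path described above, as an added example that uses only the Go standard library (it is not pemutil's own code, and the helper names isLegacyEncrypted, sealKey and openKey are hypothetical): it encrypts a constructed key with x509.PEMCipherAES256, the value of DefaultEncCipher, checks the Proc-Type header, and decrypts with x509.DecryptPEMBlock. The standard library has deprecated both x509 functions since Go 1.16 because RFC 1423 encryption does not authenticate the ciphertext.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"fmt"
)

// isLegacyEncrypted reports whether b carries the RFC 1423 header that
// routes decryption to x509.DecryptPEMBlock.
func isLegacyEncrypted(b *pem.Block) bool {
	return b.Headers["Proc-Type"] == "4,ENCRYPTED"
}

// sealKey generates a throwaway P-256 key (constructed sample data) and
// encrypts its DER encoding with x509.PEMCipherAES256.
func sealKey(pass []byte) (*pem.Block, []byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	der, err := x509.MarshalECPrivateKey(key)
	if err != nil {
		return nil, nil, err
	}
	blk, err := x509.EncryptPEMBlock(rand.Reader, "EC PRIVATE KEY", der, pass, x509.PEMCipherAES256)
	return blk, der, err
}

// openKey decrypts only blocks that are marked as legacy-encrypted.
// A wrong password is caught by the CBC padding check, not by a MAC.
func openKey(b *pem.Block, pass []byte) ([]byte, error) {
	if !isLegacyEncrypted(b) {
		return nil, fmt.Errorf("block %q has no Proc-Type: 4,ENCRYPTED header", b.Type)
	}
	return x509.DecryptPEMBlock(b, pass)
}

func main() {
	blk, der, err := sealKey([]byte("constructed-passphrase"))
	if err != nil {
		panic(err)
	}
	got, err := openKey(blk, []byte("constructed-passphrase"))
	fmt.Println(blk.Headers, err == nil && bytes.Equal(got, der))
}
```

Because a wrong password is detected only through the padding check, a successful decrypt says nothing about whether the ciphertext was modified.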

func Parse

func Parse(b []byte, opts ...Options) (interface{}, error)

Parse returns the key or certificate PEM-encoded in the given bytes.

func ParsePKCS8PrivateKey

func ParsePKCS8PrivateKey(der []byte) (key interface{}, err error)

ParsePKCS8PrivateKey parses an unencrypted, PKCS#8 private key. See RFC 5208.

Supported key types include RSA, ECDSA, and Ed25519. Unknown key types result in an error.

On success, key will be of type *rsa.PrivateKey, *ecdsa.PublicKey, or ed25519.PrivateKey.

func ParsePKIXPublicKey

func ParsePKIXPublicKey(derBytes []byte) (pub interface{}, err error)

ParsePKIXPublicKey parses a DER encoded public key. These values are typically found in PEM blocks with "BEGIN PUBLIC KEY".

Supported key types include RSA, DSA, ECDSA, and Ed25519. Unknown key types result in an error.

On success, pub will be of type *rsa.PublicKey, *dsa.PublicKey, *ecdsa.PublicKey, or ed25519.PublicKey.

func Read

func Read(filename string, opts ...Options) (interface{}, error)

Read returns the key or certificate encoded in the given PEM file. If the file is encrypted it will ask for a password and it will try to decrypt it.

Supported key algorithms are RSA and EC. Supported standards for private keys are PKCS#1, PKCS#8, RFC5915 for EC, and base64-encoded DER for certificates and public keys.

func ReadCertificate

func ReadCertificate(filename string) (*x509.Certificate, error)

ReadCertificate returns a *x509.Certificate from the given filename. It supports the PEM and DER certificate formats.

func Serialize

func Serialize(in interface{}, opts ...func(*pem.Block) error) (*pem.Block, error)

Serialize will serialize the input to a PEM formatted block and apply modifiers.

func ToFile

func ToFile(f string, perm os.FileMode) func(*pem.Block) error

ToFile is a modifier for **Serialize** that will write the PEM formatted data to disk.

NOTE: This modifier should be the last in the list of options passed to Serialize. Otherwise, transformation on the *pem.Block may not be completed at the time of encoding to disk.

func WithEncryption

func WithEncryption(pass []byte) func(*pem.Block) error

WithEncryption is a modifier for **Serialize** that will encrypt the PEM formatted data using the given key and a sane default cipher.

Types

type Options

type Options func(o *context)

Options is the type to add attributes to the context.

func WithFilename

func WithFilename(name string) Options

WithFilename is a method that adds the given filename to the context.

func WithPassword

func WithPassword(pass []byte) Options

WithPassword is a method that adds the given password to the context.
