certs

package
v0.0.12 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 27, 2024 License: MIT Imports: 30 Imported by: 0

Documentation

Overview

Package certs provides functions for X.509 certificate management.

Index

Constants

View Source 
const AuthorityKeyIdentifierExtensionName = "AuthorityKeyIdentifier"
View Source 
const AuthorityKeyIdentifierExtensionOID = "2.5.29.35"
View Source 
const BasicConstraintsExtensionName = "BasicConstraints"
View Source 
const BasicConstraintsExtensionOID = "2.5.29.19"
View Source 
const ExtKeyUsageExtensionName = "ExtKeyUsage"
View Source 
const ExtKeyUsageExtensionOID = "2.5.29.37"
View Source 
const KeyUsageExtensionName = "KeyUsage"
View Source 
const KeyUsageExtensionOID = "2.5.29.15"
View Source 
const SubjectAlternativeName = "SubjectAlternative"
View Source 
const SubjectAlternativeOID = "2.5.29.17"
View Source 
const SubjectKeyIdentifierExtensionName = "SubjectKeyIdentifier"
View Source 
const SubjectKeyIdentifierExtensionOID = "2.5.29.14"

Variables

This section is empty.

Functions

func BasicConstraintsString 

func BasicConstraintsString(isCA bool, maxPathLen int, maxPathLenZero bool) string

func ExportDER 

func ExportDER(out io.Writer, certificate *x509.Certificate, chain []*x509.Certificate, key crypto.PrivateKey) error

func ExportPEM 

func ExportPEM(out io.Writer, certificate *x509.Certificate, chain []*x509.Certificate, key crypto.PrivateKey) error

func ExportPKCS12 

func ExportPKCS12(out io.Writer, certificate *x509.Certificate, chain []*x509.Certificate, key crypto.PrivateKey, password string) error

func ExtKeyUsageString 

func ExtKeyUsageString(extKeyUsage []x509.ExtKeyUsage, unknownExtKeyUsage []asn1.ObjectIdentifier) string

func FetchCertificates 

func FetchCertificates(url string) ([]*x509.Certificate, error)

FetchCertificates fetches X.509 certificates from the given URL.

func IsIssuedBy 

func IsIssuedBy(cert *x509.Certificate, issuer *x509.Certificate) bool

IsIssuedBy checks whether the given certificate has been issued/signed by the given issuer certificate.

func IsRoot 

func IsRoot(cert *x509.Certificate) bool

IsRoot checks whether the given certificate is a root certificate.

func KeyIdentifierString 

func KeyIdentifierString(keyId []byte) string

func KeyUsageString 

func KeyUsageString(keyUsage x509.KeyUsage) string

func ParseDN 

func ParseDN(dn string) (*pkix.Name, error)

ParseDN parses a X.509 certificate's Distinguished Name (DN) attribute.

func RawExtensionString 

func RawExtensionString(extension []byte) string

func ReadCertificates 

func ReadCertificates(in io.Reader) ([]*x509.Certificate, error)

ReadCertificates reads X.509 certificates from the given io.Reader.

func ReadCertificatesFile 

func ReadCertificatesFile(filename string) ([]*x509.Certificate, error)

ReadCertificatesFile reads X.509 certificates from the given file name.

func ReadKey added in v0.0.12 

func ReadKey(in io.Reader) (crypto.PrivateKey, error)

ReadKey reads a private key from the given io.Reader.

func ReadKeyFile added in v0.0.12 

func ReadKeyFile(filename string) (crypto.PrivateKey, error)

ReadKeyFile reads a private key from the given file name.

func ServerCertificates 

func ServerCertificates(network string, addr string) ([]*x509.Certificate, error)

ServerCertificates gets the X.509 certificates used for encrypting the connection to the given server.

The server protocol must be TLS based (e.g. https, ldaps). The certificates are retrieved during the TLS handshake.

func SubjectAlternativeString added in v0.0.11 

func SubjectAlternativeString(dnsNames []string, emailNames []string, ipNames []net.IP, uriNames []*url.URL) string

func WriteCertificatesDER 

func WriteCertificatesDER(out io.Writer, certificates []*x509.Certificate) error

WriteCertificatesDER writes X.509 certificates in DER format to the given io.Writer.

func WriteCertificatesDERFile 

func WriteCertificatesDERFile(filename string, certificates []*x509.Certificate, perm os.FileMode) error

WriteCertificatesDERFile writes X.509 certificates in DER format to the given file.

func WriteCertificatesPEM 

func WriteCertificatesPEM(out io.Writer, certificates []*x509.Certificate) error

WriteCertificatesPEM writes X.509 certificates in PEM format to the given io.Writer.

func WriteCertificatesPEMFile 

func WriteCertificatesPEMFile(filename string, certificates []*x509.Certificate, perm os.FileMode) error

WriteCertificatesPEMFile writes X.509 certificates in PEM format to the given file name.

func WriteKeyDER added in v0.0.12 

func WriteKeyDER(out io.Writer, key crypto.PrivateKey) error

WriteKeyDER writes a private key in DER format to the given io.Writer.

func WriteKeyDERFile added in v0.0.12 

func WriteKeyDERFile(filename string, key crypto.PrivateKey, perm os.FileMode) error

WriteKeyDERFile writes a private key in DER format to the given file.

func WriteKeyPEM added in v0.0.12 

func WriteKeyPEM(out io.Writer, key crypto.PrivateKey) error

WriteKeyPEM writes a private key in PEM format to the given io.Writer.

func WriteKeyPEMFile added in v0.0.12 

func WriteKeyPEMFile(filename string, key crypto.PrivateKey, perm os.FileMode) error

WriteKeyPEMFile writes a private key in PEM format to the given file name.

Types

type CertificateFactory 

type CertificateFactory interface {
	// Name returns the name of this factory.
	Name() string
	// New creates a new X.509 certificate.
	New() (crypto.PrivateKey, *x509.Certificate, error)
}

CertificateFactory interface provides a unified way to create X.509 certificates.

func NewACMECertificateFactory 

func NewACMECertificateFactory(certificateRequest *acme.CertificateRequest, keyPairFactory keys.KeyPairFactory) CertificateFactory

NewACMECertificateFactory creates a new certificate factory for ACME based certificates.

func NewLocalCertificateFactory 

func NewLocalCertificateFactory(template *x509.Certificate, keyPairFactory keys.KeyPairFactory, parent *x509.Certificate, signer crypto.PrivateKey) CertificateFactory

NewLocalCertificateFactory creates a new certificate factory for locally issued certificates.

func NewRemoteCertificateFactory 

func NewRemoteCertificateFactory(template *x509.Certificate, request *x509.CertificateRequest, parent *x509.Certificate, signer crypto.PrivateKey) CertificateFactory

NewRemoteCertificateFactory creates a new certificate factory for request based certificates.

type CertificateRequestFactory 

type CertificateRequestFactory interface {
	// Name returns the name of this factory.
	Name() string
	// New creates a new X.509 certificate request.
	New() (crypto.PrivateKey, *x509.CertificateRequest, error)
}

CertificateRequestFactory interface provides a unified way to create X.509 certificate requests.

func NewRemoteCertificateRequestFactory 

func NewRemoteCertificateRequestFactory(template *x509.CertificateRequest, keyPairFactory keys.KeyPairFactory) CertificateRequestFactory

NewRemoteCertificateRequestFactory creates a new certificate request factory for remotely signed certificates.

type RevocationListFactory 

type RevocationListFactory interface {
	// Name returns the name of this factory.
	Name() string
	// New creates a new X.509 revocation list.
	New(issuer *x509.Certificate, signer crypto.PrivateKey) (*x509.RevocationList, error)
}

RevocationListFactory interface provides a unified way to create X.509 revocation lists.

func NewLocalRevocationListFactory 

func NewLocalRevocationListFactory(template *x509.RevocationList) RevocationListFactory

NewLocalRevocationListFactory creates a new revocation list factory for locally issued certificates.

Source Files

View all Source files

Directories

Path Synopsis
Package acme provides [LEGO] related utility functions.
 Package acme provides [LEGO] related utility functions.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.