Documentation ¶
Index ¶
- Constants
- Variables
- func B64Decode(str string) (buf []byte, err error)
- func B64Encode(buf []byte) string
- func BCCSPKeyRequestGenerate(req *csr.CertificateRequest, myCSP core.CryptoSuite) (core.Key, crypto.Signer, error)
- func CreateToken(csp core.CryptoSuite, cert []byte, key core.Key, method, uri string, ...) (string, error)
- func FileExists(name string) bool
- func GenECDSAToken(csp core.CryptoSuite, cert []byte, key core.Key, method, uri string, ...) (string, error)
- func GetEnrollmentIDFromPEM(cert []byte) (string, error)
- func GetEnrollmentIDFromX509Certificate(cert *x509.Certificate) string
- func GetMaskedURL(url string) string
- func GetSerialAsHex(serial *big.Int) string
- func GetSignerFromCert(cert *x509.Certificate, csp core.CryptoSuite) (core.Key, crypto.Signer, error)
- func GetSignerFromCertFile(certFile string, csp core.CryptoSuite) (core.Key, crypto.Signer, *x509.Certificate, error)
- func GetX509CertificateFromPEM(cert []byte) (*x509.Certificate, error)
- func HTTPRequestToString(req *http.Request) string
- func HTTPResponseToString(resp *http.Response) string
- func ImportBCCSPKeyFromPEM(keyFile string, myCSP core.CryptoSuite, temporary bool) (core.Key, error)
- func ImportBCCSPKeyFromPEMBytes(keyBuff []byte, myCSP core.CryptoSuite, temporary bool) (core.Key, error)
- func LoadX509KeyPair(certFile, keyFile []byte, csp core.CryptoSuite) (*tls.Certificate, error)
- func MakeFileAbs(file, dir string) (string, error)
- func Marshal(from interface{}, what string) ([]byte, error)
- func ReadFile(file string) ([]byte, error)
- func StructToString(si interface{}) string
- func WriteFile(file string, buf []byte, perm os.FileMode) error
- type ECDSASignature
Constants ¶
const SecretTag = "mask"
SecretTag to tag a field as secret as in password, token
Variables ¶
var ( // ErrNotImplemented used to return errors for functions not implemented ErrNotImplemented = errors.New("NOT YET IMPLEMENTED") )
var RevocationReasonCodes = map[string]int{ "unspecified": ocsp.Unspecified, "keycompromise": ocsp.KeyCompromise, "cacompromise": ocsp.CACompromise, "affiliationchanged": ocsp.AffiliationChanged, "superseded": ocsp.Superseded, "cessationofoperation": ocsp.CessationOfOperation, "certificatehold": ocsp.CertificateHold, "removefromcrl": ocsp.RemoveFromCRL, "privilegewithdrawn": ocsp.PrivilegeWithdrawn, "aacompromise": ocsp.AACompromise, }
RevocationReasonCodes is a map between string reason codes to integers as defined in RFC 5280
var URLRegex = regexp.MustCompile("(ldap|http)s*://(\\S+):(\\S+)@")
URLRegex is the regular expression to check if a value is an URL
Functions ¶
func BCCSPKeyRequestGenerate ¶
func BCCSPKeyRequestGenerate(req *csr.CertificateRequest, myCSP core.CryptoSuite) (core.Key, crypto.Signer, error)
BCCSPKeyRequestGenerate generates keys through BCCSP somewhat mirroring to cfssl/req.KeyRequest.Generate()
func CreateToken ¶
func GenECDSAToken ¶
func GenECDSAToken(csp core.CryptoSuite, cert []byte, key core.Key, method, uri string, body []byte, fabCACompatibilityMode bool) (string, error)
GenECDSAToken signs the http body and cert with ECDSA using EC private key
func GetEnrollmentIDFromPEM ¶
GetEnrollmentIDFromPEM returns the EnrollmentID from a PEM buffer
func GetEnrollmentIDFromX509Certificate ¶
func GetEnrollmentIDFromX509Certificate(cert *x509.Certificate) string
GetEnrollmentIDFromX509Certificate returns the EnrollmentID from the X509 certificate
func GetMaskedURL ¶
GetMaskedURL returns masked URL. It masks username and password from the URL if present
func GetSerialAsHex ¶
GetSerialAsHex returns the serial number from certificate as hex format
func GetSignerFromCert ¶
func GetSignerFromCert(cert *x509.Certificate, csp core.CryptoSuite) (core.Key, crypto.Signer, error)
GetSignerFromCert load private key represented by ski and return bccsp signer that conforms to crypto.Signer
func GetSignerFromCertFile ¶
func GetSignerFromCertFile(certFile string, csp core.CryptoSuite) (core.Key, crypto.Signer, *x509.Certificate, error)
GetSignerFromCertFile load skiFile and load private key represented by ski and return bccsp signer that conforms to crypto.Signer
func GetX509CertificateFromPEM ¶
func GetX509CertificateFromPEM(cert []byte) (*x509.Certificate, error)
GetX509CertificateFromPEM get an X509 certificate from bytes in PEM format
func HTTPRequestToString ¶
HTTPRequestToString returns a string for an HTTP request for debuggging
func HTTPResponseToString ¶
HTTPResponseToString returns a string for an HTTP response for debuggging
func ImportBCCSPKeyFromPEM ¶
func ImportBCCSPKeyFromPEM(keyFile string, myCSP core.CryptoSuite, temporary bool) (core.Key, error)
ImportBCCSPKeyFromPEM attempts to create a private BCCSP key from a pem file keyFile
func ImportBCCSPKeyFromPEMBytes ¶
func ImportBCCSPKeyFromPEMBytes(keyBuff []byte, myCSP core.CryptoSuite, temporary bool) (core.Key, error)
ImportBCCSPKeyFromPEMBytes attempts to create a private BCCSP key from a pem byte slice
func LoadX509KeyPair ¶
func LoadX509KeyPair(certFile, keyFile []byte, csp core.CryptoSuite) (*tls.Certificate, error)
LoadX509KeyPair reads and parses a public/private key pair from a pair of files. The files must contain PEM encoded data. The certificate file may contain intermediate certificates following the leaf certificate to form a certificate chain. On successful return, Certificate.Leaf will be nil because the parsed form of the certificate is not retained.
This function originated from crypto/tls/tls.go and was adapted to use a BCCSP Signer
func MakeFileAbs ¶
MakeFileAbs makes 'file' absolute relative to 'dir' if not already absolute
func StructToString ¶
func StructToString(si interface{}) string
StructToString converts a struct to a string. If a field has a 'secret' tag, it is masked in the returned string
Types ¶
type ECDSASignature ¶
ECDSASignature forms the structure for R and S value for ECDSA