Documentation
Overview
The tls package allows you to create and verify various kinds of TLS certificates. Note: this library is mostly used for testing various certificate chains.
Index
- Constants
- Variables
- func AddHostToTemplate(host string, template *x509.Certificate)
- func MakeSubject() pkix.Name
- func VerifyCertificate(cert TlsCert) (isValid bool, err error)
- func VerifyDCA(root, dca *x509.Certificate) (bool, error)
- func VerifyKeyPair(rsaPublicKey, rsaPrivateKey string) (isValid bool, err error)
- func VerifyLow(root, DCA, child *x509.Certificate) (bool, error)
- func VerifyLowNoDca(root, child *x509.Certificate) (bool, error)
- type TlsCert
- type TlsParams
Constants
const (
	P224 = "P224"
	P256 = "P256"
	P384 = "P384"
	P521 = "P521"
)
curve types for ECDSA keys (the values accepted by TlsParams.EcdsaCurve)
Variables
Functions
func AddHostToTemplate
func AddHostToTemplate(host string, template *x509.Certificate)
func MakeSubject
func VerifyCertificate
verify that a tls key pair is valid
func VerifyDCA
func VerifyDCA(root, dca *x509.Certificate) (bool, error)
verify a dca certificate against its parent
func VerifyKeyPair
func VerifyLow
func VerifyLow(root, DCA, child *x509.Certificate) (bool, error)
verify a server certificate against its chain
func VerifyLowNoDca
func VerifyLowNoDca(root, child *x509.Certificate) (bool, error)
verify a server certificate against its chain
Types
type TlsCert
type TlsCert struct {
	CertType string
	// certificate.pem (public key)
	PublicKey string
	// key.pem (private key)
	PrivateKey string
	// Certificate
	Certificate *x509.Certificate
	// private key
	Key interface{}
	// parameters (
	Params TlsParams
}
params returned by certificate generator
func MakeCertificate
Create a tls certificate; adapted from https://golang.org/src/crypto/tls/generate_cert.go
func MakeCertificateDefault
func (TlsCert) MakeServerCertificate
generate a dca certificate from a rootc
type TlsParams
type TlsParams struct {
	// Comma-separated hostnames and IPs to generate a certificate for
	Host string
	// Creation date formatted as Jan 1 15:04:05 2011
	ValidFrom time.Time
	// Duration that certificate is valid for
	ValidFor time.Duration
	// whether this cert should be its own Certificate Authority
	IsCa bool
	// Size of RSA key to generate. Ignored if EcdsaCurve is set
	RsaBits int
	// ECDSA curve to use to generate a key. Valid values are P224, P256 (recommended), P384, P521
	EcdsaCurve string
	// Generate an Ed25519 key
	Ed25519 bool
}
params for creating a tls cert
func DefaultTlsParams
func DefaultTlsParams() TlsParams
default params for creating a tls cert; provided as a function for immutability