Documentation
¶
Index ¶
- func CertificateRequestText(csr *x509.CertificateRequest) (string, error)
- func CertificateText(cert *x509.Certificate) (string, error)
- func Decrypt(r string, priPem []byte) ([]byte, error)
- func Encrypt(raw []byte, pemBytes []byte) (string, error)
- func GenerateCRL(ca, key []byte, revokingCert []byte, existedRevoked ...pkix.RevokedCertificate) ([]byte, error)
- func GenerateCRLWithExistedList(ca, key []byte, existedRevoked ...pkix.RevokedCertificate) ([]byte, error)
- func GenerateGMSelfSignedCertKey(commonName string) ([]byte, []byte, error)
- func GeneratePrivateAndPublicKeyPEM() (pri []byte, pub []byte, _ error)
- func GeneratePrivateAndPublicKeyPEMWithPrivateFormatter(t string) (pri []byte, pub []byte, _ error)
- func GenerateSelfSignedCertKey(host string, alternateIPs []net.IP, alternateDNS []string) ([]byte, []byte, error)
- func GenerateSelfSignedCertKeyWithCommonName(commonName, host string, alternateIPs []net.IP, alternateDNS []string) ([]byte, []byte, error)
- func GenerateSelfSignedCertKeyWithCommonNameEx(commonName, host string, alternateIPs []net.IP, alternateDNS []string, ...) ([]byte, []byte, error)
- func GenerateSelfSignedCertKeyWithCommonNameWithPrivateKey(commonName, host string, alternateIPs []net.IP, alternateDNS []string, ...) ([]byte, []byte, error)
- func GetX509GMServerTlsConfigWithAuth(ca, server, serverKey []byte, auth bool) (*gmtls.Config, error)
- func GetX509MutualAuthClientTlsConfig(clientCrt, clientPriv []byte, caCrts ...[]byte) (*tls.Config, error)
- func GetX509MutualAuthServerTlsConfig(caPemRaw, serverCrt, keyPriv []byte) (*tls.Config, error)
- func GetX509ServerTlsConfig(caPemRaw, serverCrt, keyPriv []byte) (*tls.Config, error)
- func GetX509ServerTlsConfigWithAuth(caPemRaw, serverCrt, keyPriv []byte, auth bool) (*tls.Config, error)
- func MergeBlock(raw []string) ([]byte, error)
- func NewDefaultTLSServer(conn net.Conn) *tls.Conn
- func ParseCertAndPriKeyAndPool(clientCrt, clientPriv []byte, caCrts ...[]byte) (tls.Certificate, *x509.CertPool, error)
- func ParseCertAndPriKeyAndPoolForGM(clientCrt, clientPriv []byte, caCrts ...[]byte) (gmtls.Certificate, *x509gm.CertPool, error)
- func ParsePEMCRL(ca []byte) ([]pkix.RevokedCertificate, error)
- func ParsePEMCRLRaw(ca []byte) (*pkix.CertificateList, error)
- func ParsePEMCert(crt []byte) (*x509.Certificate, error)
- func ParsePEMCertificate(ca []byte) (*x509.Certificate, error)
- func ParsePEMCertificateAndKey(ca, key []byte) (*x509.Certificate, *rsa.PrivateKey, error)
- func PemPkcs1v15Decrypt(pemPriBytes []byte, data interface{}) ([]byte, error)
- func PemPkcs1v15Encrypt(pemBytes []byte, data interface{}) ([]byte, error)
- func PemPkcsOAEPDecrypt(pemPriBytes []byte, data interface{}) ([]byte, error)
- func PemPkcsOAEPEncrypt(pemBytes []byte, data interface{}) ([]byte, error)
- func RSAGenerateKeyPair(bitSize int) ([]byte, []byte, error)
- func SM2GenerateKeyPair() ([]byte, []byte, error)
- func SelfSignCACertificateAndPrivateKey(common string, opts ...SelfSignConfigOpt) ([]byte, []byte, error)
- func SignClientCrtNKey(ca, key []byte) ([]byte, []byte, error)
- func SignClientCrtNKeyEx(ca []byte, key []byte, commonName string, auth bool) (cert []byte, sKey []byte, _ error)
- func SignClientCrtNKeyWithParams(ca, key []byte, cn string, notAfter time.Time, x509Auth bool) (cert []byte, skey []byte, _ error)
- func SignGMServerCrtNKeyWithParams(ca []byte, privateKey []byte, cn string, notAfter time.Time, auth bool) ([]byte, []byte, error)
- func SignServerCrtNKey(ca []byte, key []byte) (cert []byte, sKey []byte, _ error)
- func SignServerCrtNKeyEx(ca []byte, key []byte, commonName string, auth bool) (cert []byte, sKey []byte, _ error)
- func SignServerCrtNKeyWithParams(ca []byte, key []byte, cn string, notAfter time.Time, authClient bool) (cert []byte, sKey []byte, _ error)
- func SplitBlock(raw []byte, blockSize int) ([]string, error)
- func TestConnToH2(t *testing.T)
- type HandshakeClientHello
- type HandshakeClientHelloExt
- type SelfSignConfig
- type SelfSignConfigOpt
- type TLSInspectResult
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CertificateRequestText ¶
func CertificateRequestText(csr *x509.CertificateRequest) (string, error)
CertificateRequestText returns a human-readable string representation of the certificate request csr. The format is similar (but not identical) to the OpenSSL way of printing certificates.
func CertificateText ¶
func CertificateText(cert *x509.Certificate) (string, error)
CertificateText returns a human-readable string representation of the certificate cert. The format is similar (but not identical) to the OpenSSL way of printing certificates.
func GenerateCRL ¶
func GenerateCRLWithExistedList ¶
func GenerateCRLWithExistedList(ca, key []byte, existedRevoked ...pkix.RevokedCertificate) ([]byte, error)
func GeneratePrivateAndPublicKeyPEMWithPrivateFormatter ¶ added in v1.2.2
func GetX509ServerTlsConfig ¶
func MergeBlock ¶
func ParsePEMCRL ¶
func ParsePEMCRL(ca []byte) ([]pkix.RevokedCertificate, error)
func ParsePEMCRLRaw ¶
func ParsePEMCRLRaw(ca []byte) (*pkix.CertificateList, error)
func ParsePEMCert ¶
func ParsePEMCert(crt []byte) (*x509.Certificate, error)
func ParsePEMCertificate ¶
func ParsePEMCertificate(ca []byte) (*x509.Certificate, error)
func ParsePEMCertificateAndKey ¶
func ParsePEMCertificateAndKey(ca, key []byte) (*x509.Certificate, *rsa.PrivateKey, error)
func PemPkcs1v15Decrypt ¶
func PemPkcs1v15Encrypt ¶
func PemPkcsOAEPDecrypt ¶ added in v1.2.2
func PemPkcsOAEPEncrypt ¶ added in v1.2.2
func SM2GenerateKeyPair ¶
func SelfSignCACertificateAndPrivateKey ¶
func SelfSignCACertificateAndPrivateKey(common string, opts ...SelfSignConfigOpt) ([]byte, []byte, error)
func SignClientCrtNKeyEx ¶
func SignServerCrtNKey ¶
func SignServerCrtNKeyEx ¶
func TestConnToH2 ¶
Types ¶
type HandshakeClientHello ¶
type HandshakeClientHello struct {
Random []byte
Session []byte
CipherSuite []byte
CompressionMethods []byte
ExtensionsRaw []byte
Extensions []*HandshakeClientHelloExt
// contains filtered or unexported fields
}
func ParseClientHello ¶
func ParseClientHello(data []byte) (*HandshakeClientHello, error)
ParseClientHello parses a ClientHello message from the given data. It returns the parsed message and the number of bytes consumed.
func (*HandshakeClientHello) ALPN ¶
func (h *HandshakeClientHello) ALPN() []string
func (*HandshakeClientHello) MaybeHttp ¶
func (h *HandshakeClientHello) MaybeHttp() bool
func (*HandshakeClientHello) SNI ¶
func (h *HandshakeClientHello) SNI() string
type HandshakeClientHelloExt ¶
func (*HandshakeClientHelloExt) IsALPN ¶
func (h *HandshakeClientHelloExt) IsALPN() ([]string, bool)
func (*HandshakeClientHelloExt) IsSNI ¶
func (h *HandshakeClientHelloExt) IsSNI() (string, bool)
type SelfSignConfig ¶
type SelfSignConfigOpt ¶
type SelfSignConfigOpt func(*SelfSignConfig)
func WithSelfSign_EnableAuth ¶
func WithSelfSign_EnableAuth(b bool) SelfSignConfigOpt
func WithSelfSign_NotAfter ¶
func WithSelfSign_NotAfter(t time.Time) SelfSignConfigOpt
func WithSelfSign_NotBefore ¶
func WithSelfSign_NotBefore(t time.Time) SelfSignConfigOpt
func WithSelfSign_PrivateKey ¶
func WithSelfSign_PrivateKey(p *rsa.PrivateKey) SelfSignConfigOpt
func WithSelfSign_SignTo ¶
func WithSelfSign_SignTo(s ...string) SelfSignConfigOpt
type TLSInspectResult ¶
type TLSInspectResult struct {
Description string
Raw []byte
RelativeDomains []string
RelativeEmail []string
RelativeAccount []string
RelativeURIs []string
}
func TLSInspect ¶
func TLSInspect(addr string) ([]*TLSInspectResult, error)
func (TLSInspectResult) Show ¶
func (t TLSInspectResult) Show()
func (TLSInspectResult) String ¶
func (t TLSInspectResult) String() string
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.