util

package
v1.0.0-alpha3
Warning

This package is not in the latest version of its module.

Published: Mar 20, 2018 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation


Constants

const SecretTag = "mask"

SecretTag is the struct tag used to mark a field as secret, such as a password or token

Variables

var (

	// ErrNotImplemented used to return errors for functions not implemented
	ErrNotImplemented = errors.New("NOT YET IMPLEMENTED")
)

var RevocationReasonCodes = map[string]int{
	"unspecified":          ocsp.Unspecified,
	"keycompromise":        ocsp.KeyCompromise,
	"cacompromise":         ocsp.CACompromise,
	"affiliationchanged":   ocsp.AffiliationChanged,
	"superseded":           ocsp.Superseded,
	"cessationofoperation": ocsp.CessationOfOperation,
	"certificatehold":      ocsp.CertificateHold,
	"removefromcrl":        ocsp.RemoveFromCRL,
	"privilegewithdrawn":   ocsp.PrivilegeWithdrawn,
	"aacompromise":         ocsp.AACompromise,
}

RevocationReasonCodes maps string reason codes to the integer values defined in RFC 5280

var URLRegex = regexp.MustCompile("(ldap|http)s*://(\\S+):(\\S+)@")

URLRegex is the regular expression used to check whether a value is an ldap or http URL that embeds a username and password before the "@"

Functions

func B64Decode

func B64Decode(str string) (buf []byte, err error)

B64Decode base64 decodes a string

func B64Encode

func B64Encode(buf []byte) string

B64Encode base64 encodes bytes

func BCCSPKeyRequestGenerate

func BCCSPKeyRequestGenerate(req *csr.CertificateRequest, myCSP core.CryptoSuite) (core.Key, crypto.Signer, error)

BCCSPKeyRequestGenerate generates keys through BCCSP, somewhat mirroring cfssl/req.KeyRequest.Generate()

func CreateToken

func CreateToken(csp core.CryptoSuite, cert []byte, key core.Key, body []byte) (string, error)

CreateToken creates a JWT-like token. In a normal JWT token, the format of the token created is:

<algorithm,claims,signature>

where each part is a base64-encoded string and the parts are separated by periods. This JWT-like token differs in two ways:

  1. The claims section is a certificate, so the format is: <certificate,signature>
  2. The signature is made with the private key associated with the certificate and covers both the certificate and the "body" argument, which is the body of an HTTP request, though it could be arbitrary bytes.

@param cert The pem-encoded certificate
@param key The pem-encoded key
@param body The body of an HTTP request

func GenECDSAToken

func GenECDSAToken(csp core.CryptoSuite, cert []byte, key core.Key, body []byte) (string, error)

GenECDSAToken signs the http body and cert with ECDSA using EC private key
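
The token layout described for CreateToken, with the ECDSA signing that GenECDSAToken names, shown from the verifier's side as an added example built on the Go standard library only (it is not this package's code and does not use core.CryptoSuite). Assumptions: the signed payload is base64(body) + "." + base64(cert) hashed with SHA-256, the certificate part is DER rather than PEM, and `digest`, `verifyToken` and `demo` are hypothetical names.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"fmt"
	"math/big"
	"strings"
)

var b64 = base64.StdEncoding

// digest hashes the signed payload; its layout and SHA-256 are ASSUMPTIONS, not from the page.
func digest(cert, body []byte) []byte {
	h := sha256.Sum256([]byte(b64.EncodeToString(body) + "." + b64.EncodeToString(cert)))
	return h[:]
}

// verifyToken checks <certificate>.<signature> against body using the key in the
// embedded certificate. The caller must still validate that certificate's chain.
func verifyToken(token string, body []byte) error {
	c, s, _ := strings.Cut(token, ".")
	der, err1 := b64.DecodeString(c)
	sig, err2 := b64.DecodeString(s)
	cert, err3 := x509.ParseCertificate(der)
	if err1 != nil || err2 != nil || err3 != nil {
		return fmt.Errorf("token is not <certificate>.<signature>")
	}
	if pub, ok := cert.PublicKey.(*ecdsa.PublicKey); !ok || !ecdsa.VerifyASN1(pub, digest(der, body), sig) {
		return fmt.Errorf("signature does not cover this certificate and body")
	}
	return nil
}

// demo signs a constructed body with a throwaway self-signed P-256 certificate, then
// verifies the token against that body and against an altered one (setup errors ignored).
func demo() (okErr, alteredErr error) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1)}
	cert, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	sig, _ := ecdsa.SignASN1(rand.Reader, key, digest(cert, []byte(`{"id":"user1"}`)))
	token := b64.EncodeToString(cert) + "." + b64.EncodeToString(sig)
	return verifyToken(token, []byte(`{"id":"user1"}`)), verifyToken(token, []byte(`{"id":"admin"}`))
}

func main() { fmt.Println(demo()) }
```

Because the certificate travels inside the token, a valid signature only proves possession of that certificate's key; trust in the identity still depends on validating the certificate itself.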

func GetEnrollmentIDFromPEM

func GetEnrollmentIDFromPEM(cert []byte) (string, error)

GetEnrollmentIDFromPEM returns the EnrollmentID from a PEM buffer

func GetEnrollmentIDFromX509Certificate

func GetEnrollmentIDFromX509Certificate(cert *x509.Certificate) string

GetEnrollmentIDFromX509Certificate returns the EnrollmentID from the X509 certificate

func GetMaskedURL

func GetMaskedURL(url string) string

GetMaskedURL returns the masked URL. It masks the username and password in the URL if present
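
What the URLRegex pattern shown on this page does and does not cover when it is used to redact credentials before logging, as an added example (not the package's GetMaskedURL implementation). `maskCredentials` and `missed` are hypothetical helpers, the "****" replacement is an assumption, and all sample URLs are constructed.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Pattern copied from the URLRegex declaration on this page.
var urlRegex = regexp.MustCompile("(ldap|http)s*://(\\S+):(\\S+)@")

// maskCredentials is a hypothetical helper: it replaces the user name and
// password captured by every match of the pattern with "****".
func maskCredentials(s string) string {
	var out strings.Builder
	last := 0
	for _, m := range urlRegex.FindAllStringSubmatchIndex(s, -1) {
		// m[4:6] spans the user name, m[6:8] the password.
		out.WriteString(s[last:m[4]] + "****" + s[m[5]:m[6]] + "****")
		last = m[7]
	}
	out.WriteString(s[last:])
	return out.String()
}

// missed reports whether secret is still present after masking, meaning the
// pattern did not cover it and another redaction step is needed before logging.
func missed(s, secret string) bool {
	return strings.Contains(maskCredentials(s), secret)
}

func main() {
	// Constructed sample values; none come from a real deployment.
	samples := []string{
		"ldaps://admin:adminpw@localhost:636/dc=example",
		// ':' and '@' inside the password are still covered by the greedy groups.
		"dial http://user:p@ss:w0rd@ca.example.com:7054 failed",
		// Userinfo without ':' does not match and is left as is.
		"https://tokenonly@ca.example.com",
		// Schemes other than ldap/http do not match and are left as is.
		"postgres://dbuser:dbpw@db.example.com/fabric",
	}
	for _, s := range samples {
		fmt.Println(maskCredentials(s))
	}
}
```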

func GetSerialAsHex

func GetSerialAsHex(serial *big.Int) string

GetSerialAsHex returns the certificate serial number in hex format

func GetSignerFromCert

func GetSignerFromCert(cert *x509.Certificate, csp core.CryptoSuite) (core.Key, crypto.Signer, error)

GetSignerFromCert loads the private key represented by the SKI and returns a BCCSP signer that conforms to crypto.Signer

func GetX509CertificateFromPEM

func GetX509CertificateFromPEM(cert []byte) (*x509.Certificate, error)

GetX509CertificateFromPEM gets an X509 certificate from bytes in PEM format

func HTTPRequestToString

func HTTPRequestToString(req *http.Request) string

HTTPRequestToString returns a string for an HTTP request for debugging

func HTTPResponseToString

func HTTPResponseToString(resp *http.Response) string

HTTPResponseToString returns a string for an HTTP response for debugging

func ImportBCCSPKeyFromPEM

func ImportBCCSPKeyFromPEM(keyFile string, myCSP core.CryptoSuite, temporary bool) (core.Key, error)

ImportBCCSPKeyFromPEM attempts to create a private BCCSP key from a pem file keyFile

func ImportBCCSPKeyFromPEMBytes

func ImportBCCSPKeyFromPEMBytes(keyBuff []byte, myCSP core.CryptoSuite, temporary bool) (core.Key, error)

ImportBCCSPKeyFromPEMBytes attempts to create a private BCCSP key from a pem byte slice

func LoadX509KeyPair

func LoadX509KeyPair(certFile, keyFile string, csp core.CryptoSuite) (*tls.Certificate, error)

LoadX509KeyPair reads and parses a public/private key pair from a pair of files. The files must contain PEM encoded data. The certificate file may contain intermediate certificates following the leaf certificate to form a certificate chain. On successful return, Certificate.Leaf will be nil because the parsed form of the certificate is not retained.

This function originated from crypto/tls/tls.go and was adapted to use a BCCSP Signer

func MakeFileAbs

func MakeFileAbs(file, dir string) (string, error)

MakeFileAbs makes 'file' absolute relative to 'dir' if not already absolute

func Marshal

func Marshal(from interface{}, what string) ([]byte, error)

Marshal to bytes

func ReadFile

func ReadFile(file string) ([]byte, error)

ReadFile reads a file

func StructToString

func StructToString(si interface{}) string

StructToString converts a struct to a string. If a field has a 'secret' tag, it is masked in the returned string

Types

type ECDSASignature

type ECDSASignature struct {
	R, S *big.Int
}

ECDSASignature holds the R and S values of an ECDSA signature
