certstore

package

v0.0.0-...-26bb5a1 Latest Latest Go to latest Published: Mar 4, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/pme-sh/nats-server

Links

Open Source Insights

Documentation ¶

Rendered for

Index ¶

Constants
Variables
func GetLeafIssuer(leaf *x509.Certificate, vOpts x509.VerifyOptions) (issuer *x509.Certificate)
func TLSConfig(certStore StoreType, certMatchBy MatchByType, certMatch string, ...) error
type MatchByType
- func ParseCertMatchBy(certMatchBy string) (MatchByType, error)
type StoreType
- func ParseCertStore(certStore string) (StoreType, error)

Constants ¶

View Source

const MATCHBYEMPTY = 0

View Source

const STOREEMPTY = 0

Variables ¶

View Source

var (
	// ErrBadCryptoStoreProvider represents inablity to establish link with a certificate store
	ErrBadCryptoStoreProvider = errors.New("unable to open certificate store or store not available")

	// ErrBadRSAHashAlgorithm represents a bad or unsupported RSA hash algorithm
	ErrBadRSAHashAlgorithm = errors.New("unsupported RSA hash algorithm")

	// ErrBadSigningAlgorithm represents a bad or unsupported signing algorithm
	ErrBadSigningAlgorithm = errors.New("unsupported signing algorithm")

	// ErrStoreRSASigningError represents an error returned from store during RSA signature
	ErrStoreRSASigningError = errors.New("unable to obtain RSA signature from store")

	// ErrStoreECDSASigningError represents an error returned from store during ECDSA signature
	ErrStoreECDSASigningError = errors.New("unable to obtain ECDSA signature from store")

	// ErrNoPrivateKeyStoreRef represents an error getting a handle to a private key in store
	ErrNoPrivateKeyStoreRef = errors.New("unable to obtain private key handle from store")

	// ErrExtractingPrivateKeyMetadata represents a family of errors extracting metadata about the private key in store
	ErrExtractingPrivateKeyMetadata = errors.New("unable to extract private key metadata")

	// ErrExtractingECCPublicKey represents an error exporting ECC-type public key from store
	ErrExtractingECCPublicKey = errors.New("unable to extract ECC public key from store")

	// ErrExtractingRSAPublicKey represents an error exporting RSA-type public key from store
	ErrExtractingRSAPublicKey = errors.New("unable to extract RSA public key from store")

	// ErrExtractingPublicKey represents a general error exporting public key from store
	ErrExtractingPublicKey = errors.New("unable to extract public key from store")

	// ErrBadPublicKeyAlgorithm represents a bad or unsupported public key algorithm
	ErrBadPublicKeyAlgorithm = errors.New("unsupported public key algorithm")

	// ErrExtractPropertyFromKey represents a general failure to extract a metadata property field
	ErrExtractPropertyFromKey = errors.New("unable to extract property from key")

	// ErrBadECCCurveName represents an ECC signature curve name that is bad or unsupported
	ErrBadECCCurveName = errors.New("unsupported ECC curve name")

	// ErrFailedCertSearch represents not able to find certificate in store
	ErrFailedCertSearch = errors.New("unable to find certificate in store")

	// ErrFailedX509Extract represents not being able to extract x509 certificate from found cert in store
	ErrFailedX509Extract = errors.New("unable to extract x509 from certificate")

	// ErrBadMatchByType represents unknown CERT_MATCH_BY passed
	ErrBadMatchByType = errors.New("cert match by type not implemented")

	// ErrBadCertStore represents unknown CERT_STORE passed
	ErrBadCertStore = errors.New("cert store type not implemented")

	// ErrConflictCertFileAndStore represents ambiguous configuration of both file and store
	ErrConflictCertFileAndStore = errors.New("'cert_file' and 'cert_store' may not both be configured")

	// ErrBadCertStoreField represents malformed cert_store option
	ErrBadCertStoreField = errors.New("expected 'cert_store' to be a valid non-empty string")

	// ErrBadCertMatchByField represents malformed cert_match_by option
	ErrBadCertMatchByField = errors.New("expected 'cert_match_by' to be a valid non-empty string")

	// ErrBadCertMatchField represents malformed cert_match option
	ErrBadCertMatchField = errors.New("expected 'cert_match' to be a valid non-empty string")

	// ErrOSNotCompatCertStore represents cert_store passed that exists but is not valid on current OS
	ErrOSNotCompatCertStore = errors.New("cert_store not compatible with current operating system")
)

View Source

var MatchByMap = map[string]MatchByType{
	"issuer":  matchByIssuer,
	"subject": matchBySubject,
}

View Source

var StoreMap = map[string]StoreType{
	"windowscurrentuser":  windowsCurrentUser,
	"windowslocalmachine": windowsLocalMachine,
}

View Source

var StoreOSMap = map[StoreType]string{
	// contains filtered or unexported fields
}

View Source

var Usage = `` /* 213-byte string literal not displayed */

Functions ¶

func GetLeafIssuer ¶

func GetLeafIssuer(leaf *x509.Certificate, vOpts x509.VerifyOptions) (issuer *x509.Certificate)

func TLSConfig ¶

func TLSConfig(certStore StoreType, certMatchBy MatchByType, certMatch string, config *tls.Config) error

Types ¶

type MatchByType ¶

type MatchByType int

func ParseCertMatchBy ¶

func ParseCertMatchBy(certMatchBy string) (MatchByType, error)

type StoreType ¶

type StoreType int

func ParseCertStore ¶

func ParseCertStore(certStore string) (StoreType, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL