Documentation
¶
Overview ¶
Package x509util provides X.509 certificate parsing utilities. This package contains shared certificate parsing functions used across go-trust components, particularly for extracting certificates from AuthZEN resource.key arrays in various formats (x5c arrays, JWK objects).
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ParseX5CFromArray ¶
func ParseX5CFromArray(key []interface{}) ([]*x509.Certificate, error)
ParseX5CFromArray parses X.509 certificates from an array of base64-encoded strings.
This function expects the input format used by AuthZEN resource.key when resource.type is "x5c": an array of base64-encoded DER certificates.
Parameters:
- key: Array of interface{} values that should be base64-encoded certificate strings
Returns:
- Slice of parsed X.509 certificates (leaf certificate first)
- Error if any certificate fails to decode or parse
Example input:
[]interface{}{
"MIIC...base64...==", // leaf certificate
"MIID...base64...==", // intermediate CA
}
func ParseX5CFromJWK ¶
func ParseX5CFromJWK(key []interface{}) ([]*x509.Certificate, error)
ParseX5CFromJWK extracts X.509 certificates from a JWK object's x5c claim.
This function expects the input format used by AuthZEN resource.key when resource.type is "jwk": an array containing a single JWK object with an x5c (X.509 Certificate Chain) claim.
Parameters:
- key: Array containing a single JWK object (map[string]interface{})
Returns:
- Slice of parsed X.509 certificates from the x5c claim
- Error if JWK format is invalid or x5c claim is missing/malformed
Example input:
[]interface{}{
map[string]interface{}{
"kty": "RSA",
"n": "...",
"e": "AQAB",
"x5c": []interface{}{"MIIC...==", "MIID...=="},
},
}
Types ¶
This section is empty.
Source Files