Documentation
Functions
func CertDN
func CertDN(cert *x509.Certificate) string
CertDN returns the Subject Distinguished Name of a certificate as a human-readable string. Uses the standard Go x509 String() format. For comparison purposes, use certCanonicalDN instead.
func CertFingerprint
func CertFingerprint(cert *x509.Certificate) string
CertFingerprint calculates the SHA256 fingerprint of a certificate. Returns the fingerprint as a lowercase hex string.
func FormatFingerprint
FormatFingerprint formats a fingerprint with colons for display (e.g., "aa:bb:cc:dd..."). The examples below show the returned string carrying a "SHA256:" prefix.
Example
package main

import (
	"fmt"

	"github.com/SUNET/vc/pkg/grpchelpers"
)

func main() {
	// A short hex string for demonstration
	fp := "aabbccdd"
	formatted := grpchelpers.FormatFingerprint(fp)
	fmt.Println(formatted)
}
Output: SHA256:aa:bb:cc:dd
Example (Full)
package main

import (
	"fmt"

	"github.com/SUNET/vc/pkg/grpchelpers"
)

func main() {
	// A full SHA-256 fingerprint (64 hex characters)
	fp := "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
	formatted := grpchelpers.FormatFingerprint(fp)
	fmt.Println(formatted)
}
Output: SHA256:e3:b0:c4:42:98:fc:1c:14:9a:fb:f4:c8:99:6f:b9:24:27:ae:41:e4:64:9b:93:4c:a4:95:99:1b:78:52:b8:55
func NewClientConn
func NewClientConn(cfg model.GRPCClientTLS) (*grpc.ClientConn, error)
NewClientConn creates a gRPC client connection with optional mTLS support. If TLS is disabled, returns an insecure connection. If TLS is enabled without client certs, uses server-only TLS. If TLS is enabled with client certs, uses mutual TLS (mTLS).
func NewServerOptions
func NewServerOptions(cfg model.GRPCServer) ([]grpc.ServerOption, error)
NewServerOptions returns gRPC server options with optional TLS/mTLS support. If TLS is disabled, returns nil (for insecure server). If TLS is enabled without client CA, uses server-only TLS. If TLS is enabled with client CA, uses mutual TLS (mTLS) requiring client certificates. If AllowedClientFingerprints or AllowedClientDNs is set, adds an interceptor to verify client certs.
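An added example, not code from the grpchelpers package: one way a client-certificate fingerprint allow-list check like the one described for NewServerOptions can be written with the standard library only. The names fingerprint, parsePin and pinned are hypothetical, and hashing the certificate's DER bytes (cert.Raw) is an assumption, since the page does not say which bytes CertFingerprint hashes.

```go
package main

import (
	"crypto/sha256"
	"crypto/x509"
	"encoding/hex"
	"fmt"
	"strings"
)

// fingerprint returns lowercase hex SHA-256 of the certificate's DER bytes
// (assumption: the page does not say which bytes CertFingerprint hashes).
func fingerprint(cert *x509.Certificate) string {
	sum := sha256.Sum256(cert.Raw)
	return hex.EncodeToString(sum[:])
}

// parsePin (hypothetical) turns "SHA256:AA:BB:..." or bare hex into the
// lowercase form above, rejecting anything that is not a 32-byte digest.
func parsePin(s string) (string, error) {
	s = strings.TrimPrefix(strings.ToLower(strings.TrimSpace(s)), "sha256:")
	s = strings.ReplaceAll(s, ":", "")
	if raw, err := hex.DecodeString(s); err != nil || len(raw) != sha256.Size {
		return "", fmt.Errorf("bad fingerprint %q", s)
	}
	return s, nil
}

// pinned (hypothetical) reports whether cert matches an allow-list entry.
// A malformed entry is an error, so a typo fails at startup instead of
// silently never matching; an empty list matches nothing.
func pinned(cert *x509.Certificate, allow []string) (bool, error) {
	got, ok := fingerprint(cert), false
	for _, entry := range allow {
		pin, err := parsePin(entry)
		if err != nil {
			return false, err
		}
		ok = ok || pin == got
	}
	return ok, nil
}

func main() {
	// Constructed input: only Raw is set, standing in for a peer certificate.
	cert := &x509.Certificate{Raw: []byte("constructed DER stand-in")}
	allow := []string{"SHA256:" + strings.ToUpper(fingerprint(cert))}
	fmt.Println(pinned(cert, allow))
}
```

Normalising both the display form and bare hex before comparing means an allow-list entry pasted in either style matches the same certificate.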