pki

package

v0.0.0-...-8ac20fa Latest Latest Go to latest Published: Nov 16, 2022 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/cert-manager/webhook-lib

Links

Open Source Insights

Documentation ¶

Index ¶

func DecodePrivateKeyBytes(keyBytes []byte) (crypto.Signer, error)
func DecodeX509CertificateBytes(certBytes []byte) (*x509.Certificate, error)
func DecodeX509CertificateChainBytes(certBytes []byte) ([]*x509.Certificate, error)
func EncodePKCS8PrivateKey(pk interface{}) ([]byte, error)
func EncodeX509(cert *x509.Certificate) ([]byte, error)
func GenerateECPrivateKey(keySize int) (*ecdsa.PrivateKey, error)
func GenerateRSAPrivateKey(keySize int) (*rsa.PrivateKey, error)
func SignCertificate(template *x509.Certificate, issuerCert *x509.Certificate, ...) ([]byte, *x509.Certificate, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func DecodePrivateKeyBytes ¶

func DecodePrivateKeyBytes(keyBytes []byte) (crypto.Signer, error)

DecodePrivateKeyBytes will decode a PEM encoded private key into a crypto.Signer. It supports ECDSA and RSA private keys only. All other types will return err.

func DecodeX509CertificateBytes ¶

func DecodeX509CertificateBytes(certBytes []byte) (*x509.Certificate, error)

DecodeX509CertificateBytes will decode a PEM encoded x509 Certificate.

func DecodeX509CertificateChainBytes ¶

func DecodeX509CertificateChainBytes(certBytes []byte) ([]*x509.Certificate, error)

DecodeX509CertificateChainBytes will decode a PEM encoded x509 Certificate chain.

func EncodePKCS8PrivateKey ¶

func EncodePKCS8PrivateKey(pk interface{}) ([]byte, error)

EncodePKCS8PrivateKey will marshal a private key into x509 PEM format.

func EncodeX509 ¶

func EncodeX509(cert *x509.Certificate) ([]byte, error)

EncodeX509 will encode a single *x509.Certificate into PEM format.

func GenerateECPrivateKey ¶

func GenerateECPrivateKey(keySize int) (*ecdsa.PrivateKey, error)

GenerateECPrivateKey will generate an ECDSA private key of the given size. It can be used to generate 256, 384 and 521 sized keys.

func GenerateRSAPrivateKey ¶

func GenerateRSAPrivateKey(keySize int) (*rsa.PrivateKey, error)

GenerateRSAPrivateKey will generate a RSA private key of the given size. It places restrictions on the minimum and maximum RSA keysize.

func SignCertificate ¶

func SignCertificate(template *x509.Certificate, issuerCert *x509.Certificate, publicKey crypto.PublicKey, signerKey interface{}) ([]byte, *x509.Certificate, error)

SignCertificate returns a signed *x509.Certificate given a template *x509.Certificate crt and an issuer. publicKey is the public key of the signee, and signerKey is the private key of the signer. It returns a PEM encoded copy of the Certificate as well as a *x509.Certificate which can be used for reading the encoded values.

Types ¶

This section is empty.

Source Files ¶

View all Source files

pki_utils.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL