certs

package
v0.0.7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 13, 2024 License: MIT Imports: 26 Imported by: 0

Documentation

Overview

Package certs provides functions for X.509 certificate management.

Index

Constants

View Source 
const AuthorityKeyIdentifierExtensionName = "AuthorityKeyIdentifier"
View Source 
const AuthorityKeyIdentifierExtensionOID = "2.5.29.35"
View Source 
const BasicConstraintsExtensionName = "BasicConstraints"
View Source 
const BasicConstraintsExtensionOID = "2.5.29.19"
View Source 
const ExtKeyUsageExtensionName = "ExtKeyUsage"
View Source 
const ExtKeyUsageExtensionOID = "2.5.29.37"
View Source 
const KeyUsageExtensionName = "KeyUsage"
View Source 
const KeyUsageExtensionOID = "2.5.29.15"
View Source 
const SubjectKeyIdentifierExtensionName = "SubjectKeyIdentifier"
View Source 
const SubjectKeyIdentifierExtensionOID = "2.5.29.14"

Variables

This section is empty.

Functions

func BasicConstraintsString added in v0.0.4 

func BasicConstraintsString(isCA bool, maxPathLen int, maxPathLenZero bool) string

func ExtKeyUsageString added in v0.0.4 

func ExtKeyUsageString(extKeyUsage []x509.ExtKeyUsage, unknownExtKeyUsage []asn1.ObjectIdentifier) string

func FetchCertificates 

func FetchCertificates(url string) ([]*x509.Certificate, error)

FetchCertificates fetches X.509 certificates from the given URL.

func IsIssuedBy 

func IsIssuedBy(cert *x509.Certificate, issuer *x509.Certificate) bool

IsIssuedBy checks whether the given certificate has been issued/signed by the given issuer certificate.

func IsRoot 

func IsRoot(cert *x509.Certificate) bool

IsRoot checks whether the given certificate is a root certificate.

func KeyIdentifierString added in v0.0.4 

func KeyIdentifierString(keyId []byte) string

func KeyUsageString added in v0.0.4 

func KeyUsageString(keyUsage x509.KeyUsage) string

func ParseDN 

func ParseDN(dn string) (*pkix.Name, error)

ParseDN parses a X.509 certificate's Distinguished Name (DN) attribute.

func RawExtensionString added in v0.0.7 

func RawExtensionString(extension []byte) string

func ReadCertificates 

func ReadCertificates(filename string) ([]*x509.Certificate, error)

ReadCertificates reads X.509 certificates from the given file.

func ServerCertificates 

func ServerCertificates(network string, addr string) ([]*x509.Certificate, error)

ServerCertificates gets the X.509 certificates used for encrypting the connection to the given server.

The server protocol must be TLS based (e.g. https, ldaps). The certificates are retrieved during the TLS handshake.

func WriteCertificatesDER 

func WriteCertificatesDER(filename string, certificates []*x509.Certificate, perm os.FileMode) error

WriteCertificatesDER writes X.509 certificates in DER format to the given file.

func WriteCertificatesPEM 

func WriteCertificatesPEM(filename string, certificates []*x509.Certificate, perm os.FileMode) error

WriteCertificatesPEM writes X.509 certificates in PEM format to the given file.

Types

type CertificateFactory 

type CertificateFactory interface {
	// Name returns the name of this factory.
	Name() string
	// New creates a new X.509 certificate.
	New() (crypto.PrivateKey, *x509.Certificate, error)
}

CertificateFactory interface provides a unified way to create X.509 certificates.

func NewACMECertificateFactory 

func NewACMECertificateFactory(certificateRequest *acme.CertificateRequest, keyPairFactory keys.KeyPairFactory) CertificateFactory

NewACMECertificateFactory creates a new certificate factory for ACME based certificates.

func NewLocalCertificateFactory 

func NewLocalCertificateFactory(template *x509.Certificate, keyPairFactory keys.KeyPairFactory, parent *x509.Certificate, signer crypto.PrivateKey) CertificateFactory

NewLocalCertificateFactory creates a new certificate factory for locally issued certificates.

func NewRemoteCertificateFactory 

func NewRemoteCertificateFactory(template *x509.Certificate, request *x509.CertificateRequest, parent *x509.Certificate, signer crypto.PrivateKey) CertificateFactory

NewRemoteCertificateFactory creates a new certificate factory for request based certificates.

type CertificateRequestFactory 

type CertificateRequestFactory interface {
	// Name returns the name of this factory.
	Name() string
	// New creates a new X.509 certificate request.
	New() (crypto.PrivateKey, *x509.CertificateRequest, error)
}

CertificateRequestFactory interface provides a unified way to create X.509 certificate requests.

func NewRemoteCertificateRequestFactory 

func NewRemoteCertificateRequestFactory(template *x509.CertificateRequest, keyPairFactory keys.KeyPairFactory) CertificateRequestFactory

NewRemoteCertificateRequestFactory creates a new certificate request factory for remotely signed certificates.

type RevocationListFactory 

type RevocationListFactory interface {
	// Name returns the name of this factory.
	Name() string
	// New creates a new X.509 revocation list.
	New(issuer *x509.Certificate, signer crypto.PrivateKey) (*x509.RevocationList, error)
}

RevocationListFactory interface provides a unified way to create X.509 revocation lists.

func NewLocalRevocationListFactory 

func NewLocalRevocationListFactory(template *x509.RevocationList) RevocationListFactory

NewLocalRevocationListFactory creates a new revocation list factory for locally issued certificates.

Source Files

View all Source files

Directories

Path Synopsis
Package acme provides [LEGO] related utility functions.
 Package acme provides [LEGO] related utility functions.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.