Documentation

Index

Constants

// SecretTag is the tag name used to mark a field as secret (for example a
// password or token).
const (
	SecretTag = "mask"
)

    SecretTag is the tag used to mark a field as secret, for example a password or token

    Variables

    // ErrNotImplemented is the error returned by functions that are not
    // implemented.
    var ErrNotImplemented = errors.New("NOT YET IMPLEMENTED")
    // RevocationReasonCodes maps reason names to the integer reason codes
    // exported by the ocsp package (the CRLReason values of RFC 5280,
    // section 5.3.1).
    // Every key is lower case with no separators, so a lookup only succeeds on
    // input already normalized to that form.
    // NOTE(review): indexing a Go map with an unknown key yields 0, which is
    // presumably also the value of ocsp.Unspecified. Callers should use the
    // two-value form (code, ok := RevocationReasonCodes[name]) so that a
    // mistyped reason is rejected instead of being recorded as "unspecified".
    var RevocationReasonCodes = map[string]int{
    	"unspecified":          ocsp.Unspecified,
    	"keycompromise":        ocsp.KeyCompromise,
    	"cacompromise":         ocsp.CACompromise,
    	"affiliationchanged":   ocsp.AffiliationChanged,
    	"superseded":           ocsp.Superseded,
    	"cessationofoperation": ocsp.CessationOfOperation,
    	"certificatehold":      ocsp.CertificateHold,
    	"removefromcrl":        ocsp.RemoveFromCRL,
    	"privilegewithdrawn":   ocsp.PrivilegeWithdrawn,
    	"aacompromise":         ocsp.AACompromise,
    }

      RevocationReasonCodes is a map from string reason codes to the integers defined in RFC 5280

      // URLRegex matches an ldap or http URL (optionally followed by "s") that
      // carries inline credentials in the form scheme://user:password@.
      // Submatch 1 is the scheme without the trailing "s", submatch 2 the text
      // before the colon and submatch 3 the text between the colon and the "@".
      // The pattern is unanchored, and "s*" accepts any number of "s" characters
      // after the scheme, not just one.
      // NOTE(review): both \S+ runs are greedy, so when the value contains more
      // than one ':' or '@' the submatches may not line up with what a URL parser
      // would report as user and password. Code that masks by submatch should be
      // checked against such inputs.
      var URLRegex = regexp.MustCompile(`(ldap|http)s*://(\S+):(\S+)@`)

        URLRegex is the regular expression used to check whether a value is an ldap(s) or http(s) URL that contains a username and password (user:password@)

        Functions

        func B64Decode

        func B64Decode(str string) (buf []byte, err error)

          B64Decode base64 decodes a string

          func B64Encode

          func B64Encode(buf []byte) string

            B64Encode base64 encodes bytes

            func BCCSPKeyRequestGenerate

            func BCCSPKeyRequestGenerate(req *csr.CertificateRequest, myCSP core.CryptoSuite) (core.Key, crypto.Signer, error)

              BCCSPKeyRequestGenerate generates keys through BCCSP, somewhat mirroring cfssl/req.KeyRequest.Generate()

              func CreateToken

              func CreateToken(csp core.CryptoSuite, cert []byte, key core.Key, method, uri string, body []byte) (string, error)

              func FileExists

              func FileExists(name string) bool

                FileExists checks to see if a file exists

                func GenECDSAToken

                func GenECDSAToken(csp core.CryptoSuite, cert []byte, key core.Key, method, uri string, body []byte) (string, error)

                  GenECDSAToken signs the HTTP body and cert with ECDSA using an EC private key

                  func GetEnrollmentIDFromPEM

                  func GetEnrollmentIDFromPEM(cert []byte) (string, error)

                    GetEnrollmentIDFromPEM returns the EnrollmentID from a PEM buffer

                    func GetEnrollmentIDFromX509Certificate

                    func GetEnrollmentIDFromX509Certificate(cert *x509.Certificate) string

                      GetEnrollmentIDFromX509Certificate returns the EnrollmentID from the X509 certificate

                      func GetMaskedURL

                      func GetMaskedURL(url string) string

                        GetMaskedURL returns masked URL. It masks username and password from the URL if present

                        func GetSerialAsHex

                        func GetSerialAsHex(serial *big.Int) string

                          GetSerialAsHex returns the serial number from certificate as hex format

                          func GetSignerFromCert

                          func GetSignerFromCert(cert *x509.Certificate, csp core.CryptoSuite) (core.Key, crypto.Signer, error)

                            GetSignerFromCert loads the private key represented by the SKI and returns a BCCSP signer that conforms to crypto.Signer

                            func GetSignerFromCertFile

                            func GetSignerFromCertFile(certFile string, csp core.CryptoSuite) (core.Key, crypto.Signer, *x509.Certificate, error)

                              GetSignerFromCertFile loads the skiFile, loads the private key represented by the SKI, and returns a BCCSP signer that conforms to crypto.Signer

                              func GetX509CertificateFromPEM

                              func GetX509CertificateFromPEM(cert []byte) (*x509.Certificate, error)

                                GetX509CertificateFromPEM gets an X509 certificate from bytes in PEM format

                                func HTTPRequestToString

                                func HTTPRequestToString(req *http.Request) string

                                  HTTPRequestToString returns a string for an HTTP request for debugging

                                  func HTTPResponseToString

                                  func HTTPResponseToString(resp *http.Response) string

                                    HTTPResponseToString returns a string for an HTTP response for debugging

                                    func ImportBCCSPKeyFromPEM

                                    func ImportBCCSPKeyFromPEM(keyFile string, myCSP core.CryptoSuite, temporary bool) (core.Key, error)

                                      ImportBCCSPKeyFromPEM attempts to create a private BCCSP key from the PEM file keyFile

                                      func ImportBCCSPKeyFromPEMBytes

                                      func ImportBCCSPKeyFromPEMBytes(keyBuff []byte, myCSP core.CryptoSuite, temporary bool) (core.Key, error)

                                        ImportBCCSPKeyFromPEMBytes attempts to create a private BCCSP key from a PEM byte slice

                                        func LoadX509KeyPair

                                        func LoadX509KeyPair(certFile, keyFile []byte, csp core.CryptoSuite) (*tls.Certificate, error)

                                          LoadX509KeyPair reads and parses a public/private key pair from a pair of files. The files must contain PEM encoded data. The certificate file may contain intermediate certificates following the leaf certificate to form a certificate chain. On successful return, Certificate.Leaf will be nil because the parsed form of the certificate is not retained.

                                          This function originated from crypto/tls/tls.go and was adapted to use a BCCSP Signer

                                          func MakeFileAbs

                                          func MakeFileAbs(file, dir string) (string, error)

                                            MakeFileAbs makes 'file' absolute relative to 'dir' if not already absolute

                                            func Marshal

                                            func Marshal(from interface{}, what string) ([]byte, error)

                                              Marshal to bytes

                                              func ReadFile

                                              func ReadFile(file string) ([]byte, error)

                                                ReadFile reads a file

                                                func StructToString

                                                func StructToString(si interface{}) string

                                                  StructToString converts a struct to a string. If a field is tagged as secret (see SecretTag), it is masked in the returned string

                                                  func WriteFile

                                                  func WriteFile(file string, buf []byte, perm os.FileMode) error

                                                    WriteFile writes a file

                                                    Types

                                                    type ECDSASignature

                                                    // ECDSASignature holds the two integers, R and S, of an ECDSA signature.
                                                    // NOTE(review): the field order (R first, then S) is kept as declared;
                                                    // presumably the struct is encoded positionally elsewhere, so confirm
                                                    // before reordering.
                                                    type ECDSASignature struct {
                                                    	R *big.Int // R value of the signature
                                                    	S *big.Int // S value of the signature
                                                    }

                                                      ECDSASignature forms the structure for R and S value for ECDSA

                                                      Source Files