pubkeypin

package
Version: v0.0.0-...-4eadfbb Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 27, 2017 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Overview

Package pubkeypin provides primitives for x509 public key pinning in the style of RFC7469.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Hash

func Hash(certificate *x509.Certificate) string

Hash calculates the SHA-256 hash of the Subject Public Key Information (SPKI) object in an x509 certificate (in DER encoding). It returns the full hash as a hex encoded string (suitable for passing to Set.Allow).

Types

type Set

type Set struct {
	// contains filtered or unexported fields
}

Set is a set of pinned x509 public keys.

func NewSet

func NewSet() *Set

NewSet returns a new, empty PubKeyPinSet

func (*Set) Allow

func (s *Set) Allow(pubKeyHashes ...string) error

Allow adds an allowed public key hash to the Set

func (*Set) Check

func (s *Set) Check(certificate *x509.Certificate) error

Check if a certificate matches one of the public keys in the set

func (*Set) Empty

func (s *Set) Empty() bool

Empty returns true if the Set contains no pinned public keys.

Source Files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL