Version: v0.0.0-...-4eadfbb Latest Latest

This package is not in the latest version of its module.

Go to latest
Published: Oct 27, 2017 License: Apache-2.0 Imports: 5 Imported by: 0



Package pubkeypin provides primitives for x509 public key pinning in the style of RFC7469.



This section is empty.


This section is empty.


func Hash

func Hash(certificate *x509.Certificate) string

Hash calculates the SHA-256 hash of the Subject Public Key Information (SPKI) object in an x509 certificate (in DER encoding). It returns the full hash as a hex encoded string (suitable for passing to Set.Allow).


type Set

type Set struct {
	// contains filtered or unexported fields

Set is a set of pinned x509 public keys.

func NewSet

func NewSet() *Set

NewSet returns a new, empty PubKeyPinSet

func (*Set) Allow

func (s *Set) Allow(pubKeyHashes ...string) error

Allow adds an allowed public key hash to the Set

func (*Set) Check

func (s *Set) Check(certificate *x509.Certificate) error

Check if a certificate matches one of the public keys in the set

func (*Set) Empty

func (s *Set) Empty() bool

Empty returns true if the Set contains no pinned public keys.

Source Files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
t or T : Toggle theme light dark auto
y or Y : Canonical URL