lib

package
v1.16.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 28, 2022 License: Apache-2.0 Imports: 34 Imported by: 10

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func EncodeCRIToObject added in v1.9.0 

func EncodeCRIToObject(cri *tls.CertificateRequestInfo) (interface{}, error)

EncodeCRIToObject returns a JSON-marshallable representation of a CertificateRequestInfo object.

func EncodeTLSInfoToText added in v1.9.0 

func EncodeTLSInfoToText(tcs *tls.ConnectionState, cri *tls.CertificateRequestInfo) string

EncodeTLSInfoToText returns a human readable string, suitable for certigo console output.

func EncodeTLSToObject added in v1.7.0 

func EncodeTLSToObject(t *tls.ConnectionState) interface{}

EncodeTLSToObject returns a JSON-marshallable description of a TLS connection

func EncodeX509ToJSON 

func EncodeX509ToJSON(cert *x509.Certificate) []byte

EncodeX509ToJSON encodes an X.509 certificate into a JSON string.

func EncodeX509ToObject 

func EncodeX509ToObject(cert *x509.Certificate) interface{}

EncodeX509ToObject encodes an X.509 certificate into a JSON-serializable object.

func EncodeX509ToPEM 

func EncodeX509ToPEM(cert *x509.Certificate, headers map[string]string) *pem.Block

EncodeX509ToPEM converts an X.509 certificate into a PEM block for output.

func EncodeX509ToText 

func EncodeX509ToText(cert *x509.Certificate, terminalWidth int, verbose bool) []byte

EncodeX509ToText encodes an X.509 certificate into human-readable text.

func IsSelfSigned 

func IsSelfSigned(cert *x509.Certificate) bool

IsSelfSigned returns true iff the given certificate has a valid self-signature.

func PrintCommonName added in v1.10.0 

func PrintCommonName(name pkix.Name) (out string)

PrintCommonName prints the CN from a pkix.Name, or falls back to PrintShortName if CN is missing.

func PrintShortName added in v1.9.0 

func PrintShortName(name pkix.Name) (out string)

PrintShortName turns a pkix.Name into a string of RDN tuples.

func PrintVerifyResult added in v1.11.0 

func PrintVerifyResult(out io.Writer, result SimpleVerification)

func ReadAsPEM 

func ReadAsPEM(readers []io.Reader, format string, password func(string) string, callback func(*pem.Block, string) error) error

ReadAsPEM will read PEM blocks from the given set of inputs. Input data may be in plain-text PEM files, DER-encoded certificates or PKCS7 envelopes, or PKCS12/JCEKS keystores. All inputs will be converted to PEM blocks and passed to the callback.

func ReadAsPEMFromFiles 

func ReadAsPEMFromFiles(files []*os.File, format string, password func(string) string, callback func(*pem.Block, string) error) error

ReadAsPEMFromFiles will read PEM blocks from the given set of inputs. Input data may be in plain-text PEM files, DER-encoded certificates or PKCS7 envelopes, or PKCS12/JCEKS keystores. All inputs will be converted to PEM blocks and passed to the callback.

func ReadAsX509 

func ReadAsX509(readers []io.Reader, format string, password func(string) string, callback func(*x509.Certificate, string, error) error) error

ReadAsX509 will read X.509 certificates from the given set of inputs. Input data may be in plain-text PEM files, DER-encoded certificates or PKCS7 envelopes, or PKCS12/JCEKS keystores. All inputs will be converted to X.509 certificates (private keys are skipped) and passed to the callback.

func ReadAsX509FromFiles 

func ReadAsX509FromFiles(files []*os.File, format string, password func(string) string, callback func(*x509.Certificate, string, error) error) error

ReadAsX509FromFiles will read X.509 certificates from the given set of inputs. Input data may be in plain-text PEM files, DER-encoded certificates or PKCS7 envelopes, or PKCS12/JCEKS keystores. All inputs will be converted to X.509 certificates (private keys are skipped) and passed to the callback.

Types

type CertificateRequestInfo added in v1.9.0 

type CertificateRequestInfo struct {
	AcceptableCAs    []simplePKIXName `json:"acceptable_issuers,omitempty"`
	SignatureSchemes []string         `json:"signature_schemes,omitempty"`
}

CertificateRequestInfo has the basic information about requested client certificates

type OidDescription added in v1.6.0 

type OidDescription struct {
	Name     string
	Short    string
	Slug     string
	Multiple bool
}

OidDescription returns a human-readable name, a short acronym from RFC1485, a snake_case slug suitable as a json key, and a boolean describing whether multiple copies can appear on an X509 cert.

type SimpleResult added in v1.11.0 

type SimpleResult struct {
	Certificates           []*x509.Certificate `json:"certificates"`
	Formats                []string
	VerifyResult           *SimpleVerification `json:"verify_result,omitempty"`
	TLSConnectionState     *tls.ConnectionState
	CertificateRequestInfo *tls.CertificateRequestInfo
}

func (SimpleResult) MarshalJSON added in v1.11.0 

func (s SimpleResult) MarshalJSON() ([]byte, error)

type SimpleVerification added in v1.11.0 

type SimpleVerification struct {
	Error          string               `json:"error,omitempty"`
	OCSPStatus     *ocsp.Response       `json:"ocsp_response,omitempty"`
	OCSPWasStapled bool                 `json:"ocsp_was_stapled,omitempty"`
	OCSPError      string               `json:"ocsp_error,omitempty"`
	Chains         [][]simpleVerifyCert `json:"chains"`
}

func VerifyChain added in v1.11.0 

func VerifyChain(certs []*x509.Certificate, ocspStaple []byte, expectedName, caPath string) SimpleVerification

type TLSDescription added in v1.7.0 

type TLSDescription struct {
	Version string `json:"version"`
	Cipher  string `json:"cipher"`
}

TLSDescription has the basic information about a TLS connection

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.