util

package
v0.0.0-...-aaaad47 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 13, 2018 License: Apache-2.0 Imports: 47 Imported by: 4

Documentation

Index

Constants

View Source 
const (
	// TagDefault is the tag name for a default value of a field as recognized
	// by RegisterFlags.
	TagDefault = "def"
	// TagHelp is the tag name for a help message of a field as recognized
	// by RegisterFlags.
	TagHelp = "help"
	// TagOpt is the tag name for a one character option of a field as recognized
	// by RegisterFlags.  For example, a value of "d" reserves "-d" for the
	// command line argument.
	TagOpt = "opt"
	// TagSkip is the tag name which causes the field to be skipped by
	// RegisterFlags.
	TagSkip = "skip"
)
View Source 
const SecretTag = "secret"

SecretTag to tag a field as secret as in password, token

Variables

View Source 
var (

	// ErrNotImplemented used to return errors for functions not implemented
	ErrNotImplemented = errors.New("NOT YET IMPLEMENTED")
)
View Source 
var PassExpr = regexp.MustCompile(`[,]?password[,]?`)

PassExpr is the regular expression to check if a tag has 'password'

View Source 
var RevocationReasonCodes = map[string]int{
	"unspecified":          ocsp.Unspecified,
	"keycompromise":        ocsp.KeyCompromise,
	"cacompromise":         ocsp.CACompromise,
	"affiliationchanged":   ocsp.AffiliationChanged,
	"superseded":           ocsp.Superseded,
	"cessationofoperation": ocsp.CessationOfOperation,
	"certificatehold":      ocsp.CertificateHold,
	"removefromcrl":        ocsp.RemoveFromCRL,
	"privilegewithdrawn":   ocsp.PrivilegeWithdrawn,
	"aacompromise":         ocsp.AACompromise,
}

RevocationReasonCodes is a map between string reason codes to integers as defined in RFC 5280

Functions

func B64Decode 

func B64Decode(str string) (buf []byte, err error)

B64Decode base64 decodes a string

func B64Encode 

func B64Encode(buf []byte) string

B64Encode base64 encodes bytes

func BCCSPKeyRequestGenerate 

func BCCSPKeyRequestGenerate(req *csr.CertificateRequest, myCSP bccsp.BCCSP) (bccsp.Key, crypto.Signer, error)

BCCSPKeyRequestGenerate generates keys through BCCSP somewhat mirroring to cfssl/req.KeyRequest.Generate()

func BccspBackedSigner 

func BccspBackedSigner(caFile, keyFile string, policy *config.Signing, csp bccsp.BCCSP) (signer.Signer, error)

BccspBackedSigner attempts to create a signer using csp bccsp.BCCSP. This csp could be SW (golang crypto) PKCS11 or whatever BCCSP-conformant library is configured

func CheckHostsInCert 

func CheckHostsInCert(certFile string, host string) error

CheckHostsInCert checks to see if host correctly inserted into certificate

func CmdRunBegin 

func CmdRunBegin()

CmdRunBegin is called at the beginning of each cobra run function

func ConfigureBCCSP 

func ConfigureBCCSP(optsPtr **factory.FactoryOpts, mspDir, homeDir string) error

ConfigureBCCSP configures BCCSP, using

func CopyMissingValues 

func CopyMissingValues(src, dst interface{})

CopyMissingValues checks the dst interface for missing values and replaces them with value from src config struct. This does a deep copy of pointers.

func CreateClientHome 

func CreateClientHome() (string, error)

CreateClientHome will create a home directory if it does not exist

func CreateToken 

func CreateToken(csp bccsp.BCCSP, cert []byte, key bccsp.Key, body []byte) (string, error)

CreateToken creates a JWT-like token. In a normal JWT token, the format of the token created is: 

<algorithm,claims,signature>

where each part is base64-encoded string separated by a period. In this JWT-like token, there are two differences:

  1. the claims section is a certificate, so the format is: <certificate,signature>
  2. the signature uses the private key associated with the certificate, and the signature is across both the certificate and the "body" argument, which is the body of an HTTP request, though could be any arbitrary bytes.

@param cert The pem-encoded certificate @param key The pem-encoded key @param body The body of an HTTP request

func DecodeToken 

func DecodeToken(token string) (*x509.Certificate, string, string, error)

DecodeToken extracts an X509 certificate and base64 encoded signature from a token

func Fatal 

func Fatal(format string, v ...interface{})

Fatal logs a fatal message and exits

func FileExists 

func FileExists(name string) bool

FileExists checks to see if a file exists

func FlagString 

func FlagString(flags *pflag.FlagSet, name, short string, def string, desc string)

FlagString sets up a flag for a string, binding it to its name

func GenECDSAToken 

func GenECDSAToken(csp bccsp.BCCSP, cert []byte, key bccsp.Key, body []byte) (string, error)

GenECDSAToken signs the http body and cert with ECDSA using EC private key

func GetBCCSP 

func GetBCCSP(opts *factory.FactoryOpts, homeDir string) (bccsp.BCCSP, error)

GetBCCSP returns BCCSP

func GetCertificateDuration 

func GetCertificateDuration(cert *x509.Certificate) time.Duration

GetCertificateDuration returns the validity duration for a certificate

func GetCertificateDurationFromFile 

func GetCertificateDurationFromFile(file string) (time.Duration, error)

GetCertificateDurationFromFile returns the validity duration for a certificate in a file.

func GetCommandLineOptValue 

func GetCommandLineOptValue(optName string, remove bool) string

GetCommandLineOptValue searches the command line arguments for the specified option and returns the following value if found; otherwise it returns "". If **remove** is true and it is found, the option and its value are removed from os.Args. For example, if command line is: 

fabric-ca client enroll -config myconfig.json

GetCommandLineOptValue("-config",true) returns "myconfig.json" and changes os.Args to 

fabric-ca client enroll

func GetDefaultBCCSP 

func GetDefaultBCCSP() bccsp.BCCSP

GetDefaultBCCSP returns the default BCCSP

func GetDefaultConfigFile 

func GetDefaultConfigFile(cmdName string) string

GetDefaultConfigFile gets the default path for the config file to display in usage message

func GetECPrivateKey 

func GetECPrivateKey(raw []byte) (*ecdsa.PrivateKey, error)

GetECPrivateKey get *ecdsa.PrivateKey from key pem

func GetEnrollmentIDFromPEM 

func GetEnrollmentIDFromPEM(cert []byte) (string, error)

GetEnrollmentIDFromPEM returns the EnrollmentID from a PEM buffer

func GetEnrollmentIDFromX509Certificate 

func GetEnrollmentIDFromX509Certificate(cert *x509.Certificate) string

GetEnrollmentIDFromX509Certificate returns the EnrollmentID from the X509 certificate

func GetRSAPrivateKey 

func GetRSAPrivateKey(raw []byte) (*rsa.PrivateKey, error)

GetRSAPrivateKey get *rsa.PrivateKey from key pem

func GetSerialAsHex 

func GetSerialAsHex(serial *big.Int) string

GetSerialAsHex returns the serial number from certificate as hex format

func GetServerAddr 

func GetServerAddr() string

GetServerAddr returns the server's address

func GetServerPort 

func GetServerPort() string

GetServerPort returns the server's listening port

func GetServerProtocol 

func GetServerProtocol() string

GetServerProtocol returns the server's protocol

func GetServerURL 

func GetServerURL() string

GetServerURL returns the server's URL

func GetSignerFromCert 

func GetSignerFromCert(cert *x509.Certificate, csp bccsp.BCCSP) (bccsp.Key, crypto.Signer, error)

GetSignerFromCert load private key represented by ski and return bccsp signer that conforms to crypto.Signer

func GetSignerFromCertFile 

func GetSignerFromCertFile(certFile string, csp bccsp.BCCSP) (bccsp.Key, crypto.Signer, *x509.Certificate, error)

GetSignerFromCertFile load skiFile and load private key represented by ski and return bccsp signer that conforms to crypto.Signer

func GetUser 

func GetUser() (string, string, error)

GetUser returns username and password from CLI input

func GetX509CertificateFromPEM 

func GetX509CertificateFromPEM(cert []byte) (*x509.Certificate, error)

GetX509CertificateFromPEM get an X509 certificate from bytes in PEM format

func GetX509CertificateFromPEMFile 

func GetX509CertificateFromPEMFile(file string) (*x509.Certificate, error)

GetX509CertificateFromPEMFile gets an X509 certificate from a file

func HTTPRequestToString 

func HTTPRequestToString(req *http.Request) string

HTTPRequestToString returns a string for an HTTP request for debuggging

func HTTPResponseToString 

func HTTPResponseToString(resp *http.Response) string

HTTPResponseToString returns a string for an HTTP response for debuggging

func ImportBCCSPKeyFromPEM 

func ImportBCCSPKeyFromPEM(keyFile string, myCSP bccsp.BCCSP, temporary bool) (bccsp.Key, error)

ImportBCCSPKeyFromPEM attempts to create a private BCCSP key from a pem file keyFile

func InitBCCSP 

func InitBCCSP(optsPtr **factory.FactoryOpts, mspDir, homeDir string) (bccsp.BCCSP, error)

InitBCCSP initializes BCCSP

func IsGMConfig 

func IsGMConfig() bool

func IsSubsetOf 

func IsSubsetOf(small, big string) error

IsSubsetOf returns an error if there is something in 'small' that is not in 'big'. Both small and big are assumed to be comma-separated strings. All string comparisons are case-insensitive. Examples: 1) IsSubsetOf('a,B', 'A,B,C') returns nil 2) IsSubsetOf('A,B,C', 'B,C') returns an error because A is not in the 2nd set.

func LoadX509KeyPair 

func LoadX509KeyPair(certFile, keyFile string, csp bccsp.BCCSP) (*tls.Certificate, error)

LoadX509KeyPair reads and parses a public/private key pair from a pair of files. The files must contain PEM encoded data. The certificate file may contain intermediate certificates following the leaf certificate to form a certificate chain. On successful return, Certificate.Leaf will be nil because the parsed form of the certificate is not retained.

This function originated from crypto/tls/tls.go and was adapted to use a BCCSP Signer

func MakeFileAbs 

func MakeFileAbs(file, dir string) (string, error)

MakeFileAbs makes 'file' absolute relative to 'dir' if not already absolute

func MakeFileNamesAbsolute 

func MakeFileNamesAbsolute(files []*string, home string) error

MakeFileNamesAbsolute makes all file names in the list absolute, relative to home

func Marshal 

func Marshal(from interface{}, what string) ([]byte, error)

Marshal to bytes

func NormalizeFileList 

func NormalizeFileList(files []string, homeDir string) ([]string, error)

NormalizeFileList provides absolute pathing for the list of files

func NormalizeStringSlice 

func NormalizeStringSlice(slice []string) []string

NormalizeStringSlice checks for seperators

func ParseObj 

func ParseObj(obj interface{}, cb func(*Field) error) error

ParseObj parses an object structure, calling back with field info for each field

func ParseSm2Certificate2X509 

func ParseSm2Certificate2X509(sm2Cert *sm2.Certificate) *x509.Certificate

sm2 证书转换 x509 证书

func ParseX509Certificate2Sm2 

func ParseX509Certificate2Sm2(x509Cert *x509.Certificate) *sm2.Certificate

X509证书格式转换为 SM2证书格式

func RandomString 

func RandomString(n int) string

RandomString returns a random string

func Read 

func Read(r io.Reader, data []byte) ([]byte, error)

Read reads from Reader into a byte array

func ReadFile 

func ReadFile(file string) ([]byte, error)

ReadFile reads a file

func RegisterFlags 

func RegisterFlags(flags *pflag.FlagSet, config interface{}, tags map[string]string) error

RegisterFlags registers flags for all fields in an arbitrary 'config' object. This method recognizes the following field tags: "def" - the default value of the field; "opt" - the optional one character short name to use on the command line; "help" - the help message to display on the command line; "skip" - to skip the field.

func RemoveQuotes 

func RemoveQuotes(str string) string

RemoveQuotes removes outer quotes from a string if necessary

func SetDefaultServerPort 

func SetDefaultServerPort()

SetDefaultServerPort overrides the default CFSSL server port by adding the "-port" option to the command line if it was not already present.

func SetProviderName 

func SetProviderName(name string)

func StrContained 

func StrContained(str string, strs []string) bool

StrContained returns true if 'str' is in 'strs'; otherwise return false

func StructToString 

func StructToString(si interface{}) string

StructToString converts a struct to a string. If a field has a 'secret' tag, it is masked in the returned string

func Unmarshal 

func Unmarshal(from []byte, to interface{}, what string) error

Unmarshal from bytes

func VerifyToken 

func VerifyToken(csp bccsp.BCCSP, token string, body []byte) (*x509.Certificate, error)

VerifyToken verifies token signed by either ECDSA or RSA and returns the associated user ID

func ViperUnmarshal 

func ViperUnmarshal(cfg interface{}, stringSliceFields []string, vp *viper.Viper) error

ViperUnmarshal is a work around for a bug in viper.Unmarshal This can be removed once https://github.com/spf13/viper/issues/327 is fixed and vendored.

func WriteFile 

func WriteFile(file string, buf []byte, perm os.FileMode) error

WriteFile writes a file

Types

type ECDSASignature 

type ECDSASignature struct {
	R, S *big.Int
}

ECDSASignature forms the structure for R and S value for ECDSA

type Field 

type Field struct {
	Name  string
	Path  string
	Type  reflect.Type
	Kind  reflect.Kind
	Leaf  bool
	Depth int
	Tag   reflect.StructTag
	Value interface{}
	Addr  interface{}
}

Field is a field of an arbitrary struct

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.