cert

package
v0.0.0-...-cceba45 Latest
Warning

This package is not in the latest version of its module.

Published: Dec 16, 2014 License: AGPL-3.0 Imports: 9 Imported by: 0

Documentation

Overview

Package cert implements support for basket "certificates" used to verify endpoint identity during the cryptographic handshake. Despite the naming, "certs" are merely a common serialization format for keys belonging to a given signature algorithm (think SSH host keys/SSH user ID keys).


Constants

This section is empty.

Variables

var ErrNoPrivateKey = errors.New("cert: no private key")

ErrNoPrivateKey is the error returned when an operation that requires a private key is attempted using a cert that only contains a public key.

Functions

This section is empty.

Types

type Certificate

type Certificate interface {
	// Algorithm returns the algorithm supported by this certificate.
	Algorithm() CertificateAlgorithm

	// SignatureSize returns the size of signatures produced by the given
	// algorithm in bytes.
	SignatureSize() int

	// PublicKey returns the binary representation of the public key.
	PublicKey() []byte

	// HasPrivateKey returns if a private key is present.
	HasPrivateKey() bool

	// PrivateKey returns the binary representation of the private key.
	PrivateKey() ([]byte, error)

	// Sign signs a given message with the private key and returns the
	// signature.
	Sign(message []byte) ([]byte, error)

	// Verify validates a given message + signature combination against the
	// public key.
	Verify(message []byte, signature []byte) bool

	// Serialize returns a binary representation of the certificate suitable
	// for network transmission or loading.
	Serialize(includePrivate bool) ([]byte, error)

	// String returns a string representation of the certificate's public
	// information.
	String() string
}

Certificate is the common interface supported by all certificate types.

func Load

func Load(blob []byte) (Certificate, error)

Load decodes a binary representation of a certificate produced by Serialize.

func New

func New(algorithm CertificateAlgorithm) (Certificate, error)

New generates a new Certificate with a fresh keypair.
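
The split between a full certificate and its public-only form, shown as an added example that is not code from the basket package: a peer that loads only the public form can verify signatures, but gets ErrNoPrivateKey when it tries to sign. The stand-in type `edCert`, the helpers `newEdCert`, `serializePublic` and `loadPublic`, and the one-byte-plus-key layout are all assumptions made here, built on Go's standard `crypto/ed25519`.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

var ErrNoPrivateKey = errors.New("cert: no private key") // redeclared to run stand-alone

// edCert is a hypothetical stand-in. Its layout (algorithm byte 0, then raw
// key bytes) is assumed for illustration and is not basket's wire format.
type edCert struct {
	pub  ed25519.PublicKey
	priv ed25519.PrivateKey // nil when only the public half was loaded
}

func newEdCert() (*edCert, error) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return &edCert{pub, priv}, err
}

func (c *edCert) Sign(msg []byte) ([]byte, error) {
	if c.priv == nil {
		return nil, ErrNoPrivateKey
	}
	return ed25519.Sign(c.priv, msg), nil
}
func (c *edCert) Verify(msg, sig []byte) bool { return ed25519.Verify(c.pub, msg, sig) }

// serializePublic plays the role of Serialize(false).
func (c *edCert) serializePublic() []byte { return append([]byte{0}, c.pub...) }

// loadPublic plays the role of Load on the peer; other lengths are rejected.
func loadPublic(blob []byte) (*edCert, error) {
	if len(blob) != 1+ed25519.PublicKeySize || blob[0] != 0 {
		return nil, errors.New("malformed or unsupported certificate")
	}
	return &edCert{pub: append([]byte(nil), blob[1:]...)}, nil
}

func main() {
	signer, err := newEdCert()
	if err != nil {
		panic(err)
	}
	msg := []byte("handshake transcript") // constructed sample input
	sig, _ := signer.Sign(msg)
	peer, _ := loadPublic(signer.serializePublic())
	_, err = peer.Sign(msg)
	fmt.Println(peer.Verify(msg, sig), err)
}
```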

type CertificateAlgorithm

type CertificateAlgorithm byte

CertificateAlgorithm specifies the signature algorithm used by the certificate.

const (
	// AlgEd25519 is Ed25519/SHA-512.
	AlgEd25519 CertificateAlgorithm = iota

	// AlgSphincs256 is SPHINCS256/BLAKE-512.
	AlgSphincs256
)

func CertificateAlgorithmFromString

func CertificateAlgorithmFromString(algStr string) (CertificateAlgorithm, error)

CertificateAlgorithmFromString returns a CertificateAlgorithm given a string representation of the byte value of the algorithm.

type UnsupportedAlgorithmError

type UnsupportedAlgorithmError CertificateAlgorithm

UnsupportedAlgorithmError is the error returned when an invalid algorithm is specified.

func (UnsupportedAlgorithmError) Error
