util

package
v4.24.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 10, 2023 License: Apache-2.0 Imports: 19 Imported by: 1

Documentation

Overview

This file contains functions that were copied from x509.pem_decrypt.go in order to keep supporting X509EncryptPEMBlock and x509DecryptPEMBlock the use of this is not recommended, this is just to continue supporting old applications.

Index

Constants

View Source 
const (
	IssuerHintMicrosoft     = "MICROSOFT"
	IssuerHintDigicert      = "DIGICERT"
	IssuerHintEntrust       = "ENTRUST"
	PathSeparator           = "\\"
	ApplicationServerTypeID = "784938d1-ef0d-11eb-9461-7bb533ba575b"
)
View Source 
const LegacyPem = "legacy-pem"
View Source 
const (
	RsaPrivKeyType = "RSA PRIVATE KEY"
)

Variables

View Source 
var IncorrectPasswordError = fmt.Errorf("x509: decryption password incorrect")

IncorrectPasswordError is returned when an incorrect password is detected.

Functions

func ArrayContainsString added in v4.22.0 

func ArrayContainsString(s []string, e string) bool

TODO: test this function

func ConvertSecondsToTime added in v4.15.0 

func ConvertSecondsToTime(t int64) time.Time

func DecryptPkcs8PrivateKey added in v4.16.0 

func DecryptPkcs8PrivateKey(privateKey, password string) (string, error)

func EncryptPkcs1PrivateKey added in v4.17.0 

func EncryptPkcs1PrivateKey(privateKey, password string) (string, error)

func GenerateSshKeyPair added in v4.15.0 

func GenerateSshKeyPair(bitSize int, keyPassword, certId string, format ...string) ([]byte, []byte, error)

func GetBooleanRef added in v4.18.0 

func GetBooleanRef(val bool) *bool

func GetIntRef added in v4.18.0 

func GetIntRef(val int) *int

func GetJsonAsString added in v4.15.0 

func GetJsonAsString(i interface{}) (s string)

func GetPrivateKeyType added in v4.18.0 

func GetPrivateKeyType(pk, pass string) string

func X509DecryptPEMBlock added in v4.17.0 

func X509DecryptPEMBlock(b *pem.Block, password []byte) ([]byte, error)

DecryptPEMBlock takes a password encrypted PEM block and the password used to encrypt it and returns a slice of decrypted DER encoded bytes. It inspects the DEK-Info header to determine the algorithm used for decryption. If no DEK-Info header is present, an error is returned. If an incorrect password is detected an IncorrectPasswordError is returned. Because of deficiencies in the encrypted-PEM format, it's not always possible to detect an incorrect password. In these cases no error will be returned but the decrypted DER bytes will be random noise.

func X509EncryptPEMBlock added in v4.17.0 

func X509EncryptPEMBlock(rand io.Reader, blockType string, data, password []byte, alg PEMCipher) (*pem.Block, error)

EncryptPEMBlock returns a PEM block of the specified type holding the given DER-encoded data encrypted with the specified algorithm and password.

func X509IsEncryptedPEMBlock added in v4.17.0 

func X509IsEncryptedPEMBlock(b *pem.Block) bool

IsEncryptedPEMBlock returns whether the PEM block is password encrypted according to RFC 1423. design. Since it does not authenticate the ciphertext, it is vulnerable to padding oracle attacks that can let an attacker recover the plaintext.

Types

type PEMCipher added in v4.17.0 

type PEMCipher int
const (
	PEMCipherDES PEMCipher
	PEMCipher3DES
	PEMCipherAES128
	PEMCipherAES192
	PEMCipherAES256
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.