cert

package
v0.0.0-...-35f3e1e
Warning

This package is not in the latest version of its module.

Published: Apr 26, 2024 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation


Constants

This section is empty.

Variables

var (
	// ErrBundleNil indicates a nil bundle was supplied
	ErrBundleNil = errors.New("bundle is nil")
	// ErrBundleNoCertForHost indicates that there was no certificate for the given hostname
	ErrBundleNoCertForHost = errors.New("bundle has no certificate for supplied host")
	// ErrBundleNoCerts indicates that the supplied bundle contains no certificates
	ErrBundleNoCerts = errors.New("bundle has no certificates")
	// ErrBundleNoPrivKey indicates that the supplied bundle contains no private key
	ErrBundleNoPrivKey = errors.New("bundle has no private key")
	// ErrCertExpired indicates the supplied certificate is no longer valid
	ErrCertExpired = errors.New("certificate has expired")
	// ErrCertNotYetValid indicates that the certificate's validity start date has not been reached
	ErrCertNotYetValid = errors.New("certificate is not yet valid")
	// ErrFailedToParsePEM indicates the supplied data could not be parsed as valid PEM data
	ErrFailedToParsePEM = errors.New("failed to parse certificate PEM")
	// ErrMultiplePrivKeys indicates that more than one private key was found in the supplied PEM data
	ErrMultiplePrivKeys = errors.New("multiple private keys in PEM")
	// ErrOnlyRSA indicates a non-RSA private key was provided
	ErrOnlyRSA = errors.New("only RSA private keys are supported")
	// ErrUnsupportedPEMBlock indicates an unknown PEM block type was encountered in the supplied PEM data
	ErrUnsupportedPEMBlock = errors.New("unsupported PEM block")
)

These are the errors that can be raised by certificate parsing and validation.

Functions

This section is empty.

Types

type Bundle

type Bundle struct {
	Certs   []*x509.Certificate
	PrivKey *rsa.PrivateKey
}

Bundle holds details of a key + its certificates

func Fetch

func Fetch(host string) (*Bundle, error)

Fetch connects to the remote host specification (hostname + TCP port) and retrieves the remote TLS certificate, returning it as a Bundle.

func Parse

func Parse(data []byte) (*Bundle, error)

Parse parses the supplied byte slice to check that it is a valid x509 PEM file. If it is, the certificate bundle (key + any certs) is returned; if not, an error is returned.

func (*Bundle) Equals

func (b *Bundle) Equals(other *Bundle) bool

Equals compares two bundles and returns true if they both contain exactly the same certificates.

func (*Bundle) Verify

func (b *Bundle) Verify(hostname string, t time.Time) error

Verify verifies the supplied bundle, checking that:

  • We have a private key
  • We have a cert
  • One of the cert CNs matches the supplied hostname
  • The cert validity period starts before and ends after the supplied time.

Returns an error if any of these are not satisfied.
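
The four checks listed above, written out as an added example (not the package's own source): `bundle`, `verify` and the lower-case error variables are local stand-ins, and which error each check returns is an assumption. The certificate in `main` is constructed and unsigned, which is enough here because these checks read only the CN and the validity dates.

```go
package main

import (
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"time"
)

var ( // local copies of the documented messages; the check-to-error mapping is an assumption
	errNoPrivKey     = errors.New("bundle has no private key")
	errNoCerts       = errors.New("bundle has no certificates")
	errNoCertForHost = errors.New("bundle has no certificate for supplied host")
	errExpired       = errors.New("certificate has expired")
	errNotYetValid   = errors.New("certificate is not yet valid")
)

type bundle struct { // same fields as the documented Bundle
	Certs   []*x509.Certificate
	PrivKey *rsa.PrivateKey
}

// verify applies the four documented checks in the order listed.
func verify(b *bundle, hostname string, t time.Time) error {
	switch {
	case b.PrivKey == nil:
		return errNoPrivKey
	case len(b.Certs) == 0:
		return errNoCerts
	}
	for _, c := range b.Certs {
		switch {
		case c.Subject.CommonName != hostname:
			continue // not this host's certificate
		case t.Before(c.NotBefore):
			return errNotYetValid
		case t.After(c.NotAfter):
			return errExpired
		}
		return nil
	}
	return errNoCertForHost
}

func main() {
	c := &x509.Certificate{Subject: pkix.Name{CommonName: "example.test"}, NotAfter: time.Unix(1e9, 0)} // constructed
	fmt.Println(verify(&bundle{Certs: []*x509.Certificate{c}, PrivKey: &rsa.PrivateKey{}}, "example.test", time.Now()))
}
```

As listed, the checks cover key presence, CN match and validity dates only; they say nothing about who signed the certificate, so passing them does not by itself establish trust in the issuer.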
