certs

package

v1.2.1 Latest Latest Go to latest Published: Jan 6, 2023 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/google/splice

Links

Open Source Insights

Documentation ¶

Rendered for

Overview ¶

Package certs provides splice provisioning support for certificate generation, lookup and verification during the provisioning process.

Index ¶

Variables
func ClientID(cert []byte) string
func Fingerprint(cert []byte) [32]byte
func PublicKey(c []byte) ([]byte, error)
func VerifyCert(c []byte, hostname, base, path, caOrg, roots string, verify bool) error
type Certificate
- func (c *Certificate) Generate(cn string, notBefore, notAfter time.Time) error

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// Intermediates cert pool to be used for validating cert intermediates
	Intermediates = x509.NewCertPool()
	// Roots cert pool to be used for validating cert roots
	Roots = x509.NewCertPool()
)

Functions ¶

func ClientID ¶ added in v1.1.0

func ClientID(cert []byte) string

ClientID returns the client identifier string.

func Fingerprint ¶ added in v1.1.0

func Fingerprint(cert []byte) [32]byte

Fingerprint generates a sha256 certificate fingerprint

func PublicKey ¶

func PublicKey(c []byte) ([]byte, error)

PublicKey takes a raw DER encoded cert, and returns only the public key portion of the certificate in DER format.

func VerifyCert ¶

func VerifyCert(c []byte, hostname, base, path, caOrg, roots string, verify bool) error

VerifyCert takes a raw DER encoded cert, verifies that it is valid and optionally attempts to verify its certificate chain. It returns the DER encoded public key of the certificate.

Types ¶

type Certificate ¶ added in v1.1.0

type Certificate struct {
	Cert      *x509.Certificate
	Decrypter crypto.Decrypter

	Key interface{}
}

Certificate holds a host certificate including the x509 certificate and its corresponding key.

func (*Certificate) Generate ¶ added in v1.1.0

func (c *Certificate) Generate(cn string, notBefore, notAfter time.Time) error

Generate generates a self-signed certificate using a template and returns the certificate in DER format and its key.

Source Files ¶

View all Source files

certs.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL