pki

package

v0.0.0-...-4b07ea2 Latest Latest Go to latest Published: Oct 31, 2017 License: Apache-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/istio/old_auth_repo

Links

Open Source Insights

Documentation ¶

Index ¶

func BuildSANExtension(identites []Identity) (*pkix.Extension, error)
func ExtractIDs(exts []pkix.Extension) []string
func ExtractSANExtension(exts []pkix.Extension) *pkix.Extension
func ParsePemEncodedCSR(csrBytes []byte) (*x509.CertificateRequest, error)
func ParsePemEncodedCertificate(certBytes []byte) (*x509.Certificate, error)
func ParsePemEncodedKey(keyBytes []byte) (crypto.PrivateKey, error)
type Identity
- func ExtractIDsFromSAN(sanExt *pkix.Extension) ([]Identity, error)
type IdentityType

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func BuildSANExtension ¶

func BuildSANExtension(identites []Identity) (*pkix.Extension, error)

BuildSANExtension builds a `pkix.Extension` of type "Subject Alternative Name" based on the given identities.

func ExtractIDs ¶

func ExtractIDs(exts []pkix.Extension) []string

ExtractIDs first finds the SAN extension from the given extension set, then extract identities from the SAN extension.

func ExtractSANExtension ¶

func ExtractSANExtension(exts []pkix.Extension) *pkix.Extension

ExtractSANExtension extracts the "Subject Alternative Name" externsion from the given PKIX extension set.

func ParsePemEncodedCSR ¶

func ParsePemEncodedCSR(csrBytes []byte) (*x509.CertificateRequest, error)

ParsePemEncodedCSR constructs a `x509.CertificateRequest` object using the given PEM-encoded certificate signing request.

func ParsePemEncodedCertificate ¶

func ParsePemEncodedCertificate(certBytes []byte) (*x509.Certificate, error)

ParsePemEncodedCertificate constructs a `x509.Certificate` object using the given a PEM-encoded certificate.

func ParsePemEncodedKey ¶

func ParsePemEncodedKey(keyBytes []byte) (crypto.PrivateKey, error)

ParsePemEncodedKey takes a PEM-encoded key and parsed the bytes into a `crypto.PrivateKey`.

Types ¶

type Identity ¶

type Identity struct {
	Type  IdentityType
	Value []byte
}

Identity is an object holding both the encoded identifier bytes as well as the type of the identity.

func ExtractIDsFromSAN ¶

func ExtractIDsFromSAN(sanExt *pkix.Extension) ([]Identity, error)

ExtractIDsFromSAN takes a SAN extension and extracts the identities. The logic is mostly borrowed from https://github.com/golang/go/blob/master/src/crypto/x509/x509.go, with the addition of supporting extracting URIs.

type IdentityType ¶

type IdentityType int

IdentityType represents type of an identity. This is used to properly encode an identity into a SAN extension.

const (
	// TypeDNS represents a DNS name.
	TypeDNS IdentityType = iota
	// TypeIP represents an IP address.
	TypeIP
	// TypeURI represents a universal resource identifier.
	TypeURI
)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
ca
controller
testutil

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL