pubkey

package

v0.1.9 Latest Latest Go to latest Published: Jun 7, 2022 License: Apache-2.0, MIT Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kloeckner-i/db-auth-gateway

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func EncodePublicKey(pubKey *rsa.PublicKey) (string, error)
func Fingerprint(cert *x509.Certificate) string
func NewServerCertificateValidator(rootCAs *x509.CertPool, instance string) func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error
func ParseCertificate(certPEM string) (*x509.Certificate, error)
type Authority
- func NewAuthority(subject pkix.Name, ttl time.Duration) (*Authority, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// ErrCommonNameMismatch is returned when the server certificate common name does not match our database.
	ErrCommonNameMismatch = errors.New("certificate common name did not match")
	// ErrInvalidPEM is returned when a malformed certificate is provided.
	ErrInvalidPEM = errors.New("invalid pem")
	// ErrNoCertificate is returned when the server does not supply a valid certificate chain.
	ErrNoCertificate = errors.New("no certificate to verify")
)

Functions ¶

func EncodePublicKey ¶

func EncodePublicKey(pubKey *rsa.PublicKey) (string, error)

EncodePublicKey encodes an RSA public key into its PEM representation.

func Fingerprint ¶

func Fingerprint(cert *x509.Certificate) string

Fingerprint returns the encoded fingerprint for the given certificate.

func NewServerCertificateValidator ¶

func NewServerCertificateValidator(rootCAs *x509.CertPool, instance string) func(
	rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error

NewServerCertificateValidator creates a new custom server certificate validator from the given certificate authority, and instance details.

func ParseCertificate ¶

func ParseCertificate(certPEM string) (*x509.Certificate, error)

ParseCertificate decodes a PEM encoded certificate.

Types ¶

type Authority ¶

type Authority struct {
	// contains filtered or unexported fields
}

Authority is a local certificate authority used by the mock service that is part of the db-auth-gateway tests.

func NewAuthority ¶

func NewAuthority(subject pkix.Name, ttl time.Duration) (*Authority, error)

NewAuthority constructs a new self signed certificate authority.

func (*Authority) CertPEM ¶

func (a *Authority) CertPEM() string

CertPEM returns the PEM encoded certificate authority certificate.

func (*Authority) IsRevoked ¶

func (a *Authority) IsRevoked(cert *x509.Certificate) bool

IsRevoked is used to check if a client certificate has been revoked.

func (*Authority) RevokeAll ¶

func (a *Authority) RevokeAll()

RevokeAll revokes all currently issued client certificates.

func (*Authority) Sign ¶

func (a *Authority) Sign(pubKeyPEM string, subject pkix.Name, ttl time.Duration) (string, error)

Sign creates a signed certificate from the supplied public key.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL