Documentation ¶
Overview ¶
Package tokenpki includes helpers and utilities for exchanging certificates and parsing token PKCS#7 S/MIME messages from the Apple ABM/ASM/BE portals.
Index ¶
- func CertificateFromPEM(cert []byte) (*x509.Certificate, error)
- func DecryptTokenJSON(tokenBytes []byte, cert *x509.Certificate, key crypto.PrivateKey) ([]byte, error)
- func PEMCertificate(derBytes []byte) []byte
- func PEMRSAPrivateKey(key *rsa.PrivateKey) []byte
- func RSAKeyFromPEM(key []byte) (*rsa.PrivateKey, error)
- func SelfSignedRSAKeypair(cn string, days int64) (*rsa.PrivateKey, *x509.Certificate, error)
- func UnwrapSMIME(smime []byte) ([]byte, error)
- func UnwrapTokenJSON(wrapped []byte) ([]byte, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CertificateFromPEM ¶
func CertificateFromPEM(cert []byte) (*x509.Certificate, error)
CertificateFromPEM decodes a PEM certificate.
func DecryptTokenJSON ¶
func DecryptTokenJSON(tokenBytes []byte, cert *x509.Certificate, key crypto.PrivateKey) ([]byte, error)
DecryptTokenJSON decrypts and decodes the downloaded token ".p7m" file from the ABM/ASM/BE portal to return the actual JSON contained within.
func PEMCertificate ¶
PEMCertificate returns derBytes encoded as a PEM block.
func PEMRSAPrivateKey ¶ added in v0.2.0
func PEMRSAPrivateKey(key *rsa.PrivateKey) []byte
PEMRSAPrivateKey returns key as a PEM block.
func RSAKeyFromPEM ¶ added in v0.2.0
func RSAKeyFromPEM(key []byte) (*rsa.PrivateKey, error)
RSAKeyFromPEM decodes a PEM RSA private key.
func SelfSignedRSAKeypair ¶
func SelfSignedRSAKeypair(cn string, days int64) (*rsa.PrivateKey, *x509.Certificate, error)
SelfSignedRSAKeypair generates a 2048-bit RSA private key and self-signs an X.509 certificate using it. You can set the Common Name in cn and the validity duration with days.
func UnwrapSMIME ¶
UnwrapSMIME removes the S/MIME-like header wrapper around the raw encrypted CMS/PKCS#7 data in the downloaded token ".p7m" file from the ABM/ASM/BE portal.
func UnwrapTokenJSON ¶
UnwrapTokenJSON removes the S/MIME-like header wrapper around the the decrypted JSON tokens from the token header.
Types ¶
This section is empty.