certs

package

v0.27.0 Latest Latest Go to latest Published: Feb 20, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

This section is empty.

This section is empty.

func Active(cert *x509.Certificate) bool

Active checks if the given cert is within its valid time window

func PEMSHA256(certPEM []byte) (hash string)

PEMSHA256 returns the hex encoded SHA 256 hash of the given PEM encoded cert

func PEMToCert(certPEM []byte) (*x509.Certificate, error)

PEMToCert converts the PEM block of the given byte array to an x509 certificate

func VerifyCert(ca, cert *x509.Certificate, host string) error

VerifyCert checks that the given cert is signed and trusted by the given CA

type CertGenerator interface {
	Generate(notAfter time.Time, organization string, ca *KeyPair, hosts []string) (*KeyPair, error)
}

type CertGeneratorFunc func(notAfter time.Time, organization string, ca *KeyPair, hosts []string) (*KeyPair, error)

func (f CertGeneratorFunc) Generate(notAfter time.Time, organization string, ca *KeyPair, hosts []string) (*KeyPair, error)

type KeyPair struct {
	Cert *x509.Certificate
	Priv *ecdsa.PrivateKey
}

KeyPair stores an x509 certificate and its ECDSA private key

func CreateSignedServingPair(notAfter time.Time, organization string, ca *KeyPair, hosts []string) (*KeyPair, error)

CreateSignedServingPair creates a serving cert/key pair signed by the given ca

func GenerateCA(notAfter time.Time, organization string) (*KeyPair, error)

GenerateCA generates a self-signed CA cert/key pair that expires in expiresIn days

func (kp *KeyPair) ToPEM() (certPEM []byte, privPEM []byte, err error)

ToPEM returns the PEM encoded cert pair

type PEMHash func(certPEM []byte) (hash string)

PEMHash returns a hash of the given PEM encoded cert