certhelper

package
v0.0.0-...-6b03781 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 14, 2019 License: MIT Imports: 13 Imported by: 0

README

certhelper

Generate and manipulate x509 certificates.

Documentation

Index

Constants

This section is empty.

Variables

// Package-level defaults used by the non-Custom template helpers.
//
// These are declared with var, not const, so importing code can reassign
// them despite the "Constant" suffix.
var (
	// CAKeyUsageConstant is the default CA key usage: certificate signing only.
	CAKeyUsageConstant = x509.KeyUsageCertSign
	// MaxPathLenConstant is the default maximum path length. Zero means the
	// CA can only sign leaf certificates.
	MaxPathLenConstant = 0
	// LeafKeyUsageConstant is the default leaf key usage: digital signature
	// plus key encipherment.
	LeafKeyUsageConstant = x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature
	// CertValidityConstant is the default certificate validity, in years.
	CertValidityConstant = 1
)

Functions

func CATemplate

func CATemplate(commonName, orgUnit, serialNumber, countryCode string,
	algo string) (*x509.Certificate, error)

CATemplate returns an x509.Certificate template for a root CA. algo can be "RSA" or "EC" (case-insensitive). Default values:

validity = CertValidityConstant in constants.go (1 year).
maxPathLen = MaxPathLenConstant (0) - the CA can only sign leaf certificates.
keyUsage = CAKeyUsageConstant (x509.KeyUsageCertSign).

func CertDERToPEM

func CertDERToPEM(certDER []byte) (certPEM []byte, err error)

CertDERToPEM converts a DER certificate to PEM.

func CertDERToPEMFile

func CertDERToPEMFile(certDER []byte, filename string) error

CertDERToPEMFile converts a DER certificate to PEM and stores it in a file.

func CertToPEM

func CertToPEM(cert *x509.Certificate) ([]byte, error)

CertToPEM converts cert *x509.Certificate to PEM.

func CertToPEMFile

func CertToPEMFile(cert *x509.Certificate, filename string) error

CertToPEMFile converts cert *x509.Certificate to PEM and stores it in a file.

func CustomCATemplate

func CustomCATemplate(commonName, orgUnit, serialNumber, countryCode, algo string,
	validity, maxPathLen int, keyUsage x509.KeyUsage) (*x509.Certificate, error)

CustomCATemplate returns an x509.Certificate template for a root CA.

algo must be "RSA" or "EC" (case-insensitive).
validity is in years. For example, 1.
If maxPathLen is zero, the certificate can only sign leaf certificates and
MaxPathLenZero is also set to true.
keyUsage is a bitwise OR of the values listed at https://golang.org/pkg/crypto/x509/#KeyUsage. For example,
x509.KeyUsageCertSign | x509.KeyUsageCRLSign.
For more customization, manually create an x509.Certificate (https://golang.org/pkg/crypto/x509/#Certificate).

func CustomECLeafCert

func CustomECLeafCert(commonName, orgUnit, serialNumber, countryCode, curve string,
	validity int, caCert *x509.Certificate,
	caPrivKey interface{}) (*x509.Certificate, *ecdsa.PrivateKey, error)

CustomECLeafCert returns a custom leaf certificate with an EC key. Certificate signed by caCert with caPrivKey.

func CustomECRootCA

func CustomECRootCA(commonName, orgUnit, serialNumber, countryCode, curve string,
	validity, maxPathLen int,
	keyUsage x509.KeyUsage) (*x509.Certificate, *ecdsa.PrivateKey, error)

CustomECRootCA returns a custom self-signed x509 root CA with an EC key.

func CustomLeafTemplate

func CustomLeafTemplate(commonName, orgUnit, serialNumber, countryCode, algo string,
	validity int, keyUsage x509.KeyUsage) (*x509.Certificate, error)

CustomLeafTemplate returns a custom x509.Certificate template for a leaf certificate.

func CustomRSALeafCert

func CustomRSALeafCert(commonName, orgUnit, serialNumber, countryCode string,
	validity, keySize int, caCert *x509.Certificate,
	caPrivKey interface{}) (*x509.Certificate, *rsa.PrivateKey, error)

CustomRSALeafCert returns a certificate signed by caCert. The certificate uses an RSA key. caCert can have any type of key.

func CustomRSARootCA

func CustomRSARootCA(commonName, orgUnit, serialNumber, countryCode string,
	keySize, validity, maxPathLen int, keyUsage x509.KeyUsage) (*x509.Certificate, *rsa.PrivateKey, error)

CustomRSARootCA returns a custom self-signed x509 CA with an RSA key.

func ECKeys

func ECKeys(curve string) (*ecdsa.PrivateKey, error)

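ECKeys returns an EC key pair on the specified curve. Valid curves are P224, P256, P384 and P521 (case-insensitive). If curve is invalid or empty, P224 is used. P224 is the smallest of the four curves, so a misspelled or missing curve name falls back to the weakest option; validate the curve name before calling. Go's supported curves: https://golang.org/pkg/crypto/elliptic/#Curve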

func ECLeafCert

func ECLeafCert(commonName, orgUnit, serialNumber, countryCode, curve string,
	caCert *x509.Certificate,
	caPrivKey interface{}) (*x509.Certificate, *ecdsa.PrivateKey, error)

ECLeafCert returns a leaf certificate with an EC key.

func ECRootCA

func ECRootCA(commonName, orgUnit, serialNumber, countryCode string,
	curve string) (*x509.Certificate, *ecdsa.PrivateKey, error)

ECRootCA returns a self-signed x509 root CA with an EC key.

func KeyToPEM

func KeyToPEM(privKey interface{}) (keyPEM []byte, err error)

KeyToPEM converts a private key (RSA or EC) to PEM.

func KeyToPEMFile

func KeyToPEMFile(privKey interface{}, filename string) error

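KeyToPEMFile converts a private key to PEM and stores it in a file. This documentation does not state which permissions the file is created with, so confirm that the key file is readable only by its owner.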

func LeafTemplate

func LeafTemplate(commonName, orgUnit, serialNumber, countryCode string,
	algo string) (*x509.Certificate, error)

LeafTemplate returns an x509.Certificate template for a leaf certificate.

func RSALeafCert

func RSALeafCert(commonName, orgUnit, serialNumber, countryCode string,
	keySize int, caCert *x509.Certificate,
	caPrivKey interface{}) (*x509.Certificate, *rsa.PrivateKey, error)

RSALeafCert returns a leaf certificate signed by caCert.

func RSARootCA

func RSARootCA(commonName, orgUnit, serialNumber, countryCode string,
	keySize int) (*x509.Certificate, *rsa.PrivateKey, error)

RSARootCA returns a self-signed x509 root CA with an RSA key.

Types

This section is empty.
