core

package

v0.0.0-...-3666c06 Latest Latest Go to latest Published: Jun 16, 2023 License: MIT Imports: 23 Imported by: 8

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/recon-tools/cert-ripper-go

Documentation ¶

Index ¶

func CreateCSR(request CertificateRequest) (*x509.CertificateRequest, any, error)
func CreateCertificate(certInput CertificateInput) (*x509.Certificate, error)
func CreateCertificateFromCSR(request *x509.CertificateRequest, notBefore time.Time, validFor time.Duration, ...) (*x509.Certificate, error)
func DecodeCSR(path string) (*x509.CertificateRequest, error)
func DecodeCertificate(path string) ([]*x509.Certificate, error)
func GeneratePrivateKey(signatureAlg x509.SignatureAlgorithm) (keys any, err error)
func GetCertificateChain(u *url.URL) ([]*x509.Certificate, error)
func PrintCSR(csr *x509.CertificateRequest) error
func PrintCertificates(host string, chain []*x509.Certificate) error
func ReadKey(path string) (any, error)
func SaveCSR(csr *x509.CertificateRequest, targetPath string) error
func SaveCertificate(path string, cert *x509.Certificate, certFormat string) error
func SaveCertificateChain(folderPath string, chain []*x509.Certificate, certFormat string) error
func SavePrivateKey(privateKey any, targetPath string) error
func ValidateCertificate(host string, cert *x509.Certificate) (bool, error)
type CertificateInput
type CertificateRequest

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CreateCSR ¶

func CreateCSR(request CertificateRequest) (*x509.CertificateRequest, any, error)

CreateCSR creates a new Certificate Signature Request and returns it as a slice of bytes

func CreateCertificate ¶

func CreateCertificate(certInput CertificateInput) (*x509.Certificate, error)

CreateCertificate generates a self-signed X509 certificate

func CreateCertificateFromCSR ¶

func CreateCertificateFromCSR(request *x509.CertificateRequest,
	notBefore time.Time,
	validFor time.Duration,
	isCA bool,
	privateKey any) (*x509.Certificate, error)

CreateCertificateFromCSR generates a self-signed X509 certificate from a CSR request

func DecodeCSR ¶

func DecodeCSR(path string) (*x509.CertificateRequest, error)

DecodeCSR reads a PEM .csr file, decodes it

func DecodeCertificate ¶

func DecodeCertificate(path string) ([]*x509.Certificate, error)

DecodeCertificate reads a certificate file, decodes it. The reason for returning a slice is that PKCS7 files are allowed to contain multiple certificates

func GeneratePrivateKey ¶

func GeneratePrivateKey(signatureAlg x509.SignatureAlgorithm) (keys any, err error)

func GetCertificateChain ¶

func GetCertificateChain(u *url.URL) ([]*x509.Certificate, error)

GetCertificateChain gets the certificate chain for the hostname or a URL. In case the certificate chain does not contain the root certificate, we will attend to fetch it using issuer location of the last certificate from the chain.

func PrintCSR ¶

func PrintCSR(csr *x509.CertificateRequest) error

PrintCSR print the content the CSR request to the STDOUT in OpenSSL text format

func PrintCertificates ¶

func PrintCertificates(host string, chain []*x509.Certificate) error

PrintCertificates prints the certificates from the chain to stdout in human-readable format.

func ReadKey ¶

func ReadKey(path string) (any, error)

ReadKey reads the private key from a .PEM file

func SaveCSR ¶

func SaveCSR(csr *x509.CertificateRequest, targetPath string) error

SaveCSR saves the CSR in PEM format to a location

func SaveCertificate ¶

func SaveCertificate(path string, cert *x509.Certificate, certFormat string) error

SaveCertificate saves a certificate to the location specified by the `path` using a supported format

func SaveCertificateChain ¶

func SaveCertificateChain(folderPath string, chain []*x509.Certificate, certFormat string) error

SaveCertificateChain saves the certificates from the chain into a folder

func SavePrivateKey ¶

func SavePrivateKey(privateKey any, targetPath string) error

SavePrivateKey saves the private key (RSA, EC) in PEM format to a location

func ValidateCertificate ¶

func ValidateCertificate(host string, cert *x509.Certificate) (bool, error)

ValidateCertificate validate server certificate using the following steps: 1. Check the expiration date 2. Check if the certificate is trusted using the trust store from the host machine 3. Check if the certificate is not part of a revocation list

Types ¶

type CertificateInput ¶

type CertificateInput struct {
	CommonName string
	NotBefore  time.Time
	ValidFor   time.Duration
	IsCA       bool

	Country        *[]string
	State          *[]string
	City           *[]string
	Street         *[]string
	PostalCode     *[]string
	Organization   *[]string
	OrgUnit        *[]string
	EmailAddresses *[]string
	OidEmail       string

	SubjectAlternativeHosts *[]string

	PrivateKey any
}

type CertificateRequest ¶

type CertificateRequest struct {
	CommonName     string
	Country        *[]string
	State          *[]string
	City           *[]string
	Street         *[]string
	PostalCode     *[]string
	Organization   *[]string
	OrgUnit        *[]string
	EmailAddresses *[]string
	OidEmail       string

	SubjectAlternativeHosts *[]string

	SignatureAlg x509.SignatureAlgorithm
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL