tlshelper

package

v0.0.0 Latest Latest Go to latest Published: Dec 28, 2022 License: MIT Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/saiya/mesh_for_home_server

Links

Open Source Insights

Documentation ¶

Index ¶

func BuildTLSClientConfig(cfg *config.TLSClientConfig) (*tls.Config, error)
func BuildTLSServerConfig(cfg *config.TLSServerConfig) (*tls.Config, error)
func ParseCertificatePemFile(filepath string) (*x509.Certificate, error)
func ParsePKCS12File(config config.MTLSCertLoadConfig) (*tls.Certificate, error)
func ParsePrivateKeyPemFile(filepath string) (crypto.PrivateKey, error)
type ClientCertGenerateParameter
type ClientCertGenerateResult
- func NewClientCert(rng io.Reader, now time.Time, params ClientCertGenerateParameter) (ClientCertGenerateResult, error)
type RootCAGenerateRequest
type RootCAGenerateResult
- func NewSelfSignedRootCA(req *RootCAGenerateRequest) (*RootCAGenerateResult, error)
- func (result *RootCAGenerateResult) CACertAsPool() *x509.CertPool

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func BuildTLSClientConfig ¶

func BuildTLSClientConfig(cfg *config.TLSClientConfig) (*tls.Config, error)

func BuildTLSServerConfig ¶

func BuildTLSServerConfig(cfg *config.TLSServerConfig) (*tls.Config, error)

func ParseCertificatePemFile ¶

func ParseCertificatePemFile(filepath string) (*x509.Certificate, error)

ParseCertificatePemFile expects PEM(DER(X509(cert))) format

func ParsePKCS12File ¶

func ParsePKCS12File(config config.MTLSCertLoadConfig) (*tls.Certificate, error)

ParsePKCS12File loads PKCS#12 encoded client credentials (certificate + private key)

func ParsePrivateKeyPemFile ¶

func ParsePrivateKeyPemFile(filepath string) (crypto.PrivateKey, error)

ParsePrivateKeyPemFile expects PEM(DER(PKCS8(key))) format

Types ¶

type ClientCertGenerateParameter ¶

type ClientCertGenerateParameter struct {
	PKCS12password string

	TTL          time.Duration
	SerialNumber *big.Int
	CommonName   string

	RootCACertFile string
	RootCAKeyFile  string
}

type ClientCertGenerateResult ¶

type ClientCertGenerateResult struct {
	// PKCS#12 data contains both private key and client certificate
	PKCS12 []byte

	// TLS certificate object, contains both private key and client certificate
	// Can be used in combination with tls.Config and Go HTTP client.
	TLS *tls.Certificate
}

func NewClientCert ¶

func NewClientCert(
	rng io.Reader, now time.Time,
	params ClientCertGenerateParameter,
) (ClientCertGenerateResult, error)

type RootCAGenerateRequest ¶

type RootCAGenerateRequest struct {
	RNG io.Reader

	// Filepath without suffix/extension.
	FilePathBase string

	NotBefore time.Time
	NotAfter  time.Time

	CommonName string
}

type RootCAGenerateResult ¶

type RootCAGenerateResult struct {
	PublicKey crypto.PublicKey

	PrivateKeyFile string
	PrivateKey     crypto.PrivateKey

	CACertFile string
	CACert     *x509.Certificate
}

func NewSelfSignedRootCA ¶

func NewSelfSignedRootCA(req *RootCAGenerateRequest) (*RootCAGenerateResult, error)

func (*RootCAGenerateResult) CACertAsPool ¶

func (result *RootCAGenerateResult) CACertAsPool() *x509.CertPool

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
tlstesting

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL