tls

package
v1.0.0
Warning

This package is not in the latest version of its module.

Published: Mar 3, 2023 License: MIT Imports: 19 Imported by: 0

Documentation

Overview

Package tls provides methods for common TLS-related tasks

Constants

const (
	// AlternateNameTypeDNS enum value for DNS type alternate names
	AlternateNameTypeDNS = "dns"
	// AlternateNameTypeEmail enum value for Email type alternate names
	AlternateNameTypeEmail = "email"
	// AlternateNameTypeIP enum value for IP type alternate names
	AlternateNameTypeIP = "ip"
	// AlternateNameTypeURI enum value for URI type alternate names
	AlternateNameTypeURI = "uri"
)
const (
	// RSA with a 2048-bit key
	KeyTypeRSA_2048 = "rsa2048"
	// RSA with a 4096-bit key
	KeyTypeRSA_4096 = "rsa4096"
	// RSA with an 8192-bit key
	KeyTypeRSA_8192 = "rsa8192"
	// ECDSA with a 256-bit curve
	KeyTypeECDSA_256 = "ecc256"
	// ECDSA with a 384-bit curve
	KeyTypeECDSA_384 = "ecc384"
)
const (
	// SHA 256
	SignatureAlgorithmSHA256 = "sha256"
	// SHA 384
	SignatureAlgorithmSHA384 = "sha384"
	// SHA 512
	SignatureAlgorithmSHA512 = "sha512"
)

Variables

This section is empty.

Functions

func ExportDER

func ExportDER(certificate *Certificate) ([]byte, []byte, error)

ExportDER will generate DER files for the certificate and private key. Returns the certificate data, key data, and optional error.

func ExportPEM

func ExportPEM(certificate *Certificate) ([]byte, []byte, error)

ExportPEM will generate PEM files for the certificate and private key. Returns the certificate data, key data, and optional error.

func ExportPKCS12

func ExportPKCS12(certificate *Certificate, issuer *Certificate, password string) ([]byte, error)

ExportPKCS12 will generate a PKCS12 bag for the given certificate and private key.

An optional issuer certificate can be specified. When specified, the issuer certificate is also included in the bag.

A password is required. Providing an empty string will return an error.

Types

type AlternateName

type AlternateName struct {
	Type  string
	Value string
}

AlternateName describes an alternate name

type Certificate

type Certificate struct {
	Serial               string
	Subject              Name
	CertificateAuthority bool
	CertificateData      string
	KeyData              string
}

Certificate describes a certificate

func GenerateCertificate

func GenerateCertificate(request CertificateRequest, issuer *Certificate) (*Certificate, error)

GenerateCertificate will generate a certificate from the given certificate request
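
The role of the CA flag and CertSign usage in a request/issuer flow like this one, shown with the Go standard library only. This is an added example, not this package's code or implementation. The helper names `issue` and `verify`, the sample host names, and the convention that a nil parent means "self-signed" are assumptions made for the illustration.

```go
package main
import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue signs a one-day P-256 certificate for cn; a nil parent yields a self-signed root (assumed convention).
func issue(cn string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 127))
	t := &x509.Certificate{SerialNumber: serial, Subject: pkix.Name{CommonName: cn}, IsCA: isCA,
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageDigitalSignature, DNSNames: []string{cn}}
	if isCA { // the CertSign and CRLSign flags of a KeyUsage struct; no DNS alternate name
		t.KeyUsage, t.DNSNames = x509.KeyUsageCertSign|x509.KeyUsageCRLSign, nil
	}
	if parent == nil {
		parent, parentKey = t, key
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, parentKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// verify chains cert to root and matches host against its DNS names, as a TLS client would.
func verify(cert, root *x509.Certificate, host string) error {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	_, err := cert.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err
}

func main() {
	ca, caKey, _ := issue("Example Root", true, nil, nil)
	leaf, leafKey, _ := issue("svc.example.test", false, ca, caKey)
	rogue, _, _ := issue("child.example.test", false, leaf, leafKey)
	fmt.Println(verify(leaf, ca, "svc.example.test"), rogue.CheckSignatureFrom(leaf))
}
```

Signing with a non-CA certificate succeeds at creation time; it is the verifier that rejects the result, so the CA flag and key usage of every issuer should be checked before it is used to sign.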

func ImportP12

func ImportP12(p12Data []byte, password string) (*Certificate, error)

ImportP12 tries to import the given P12 data as a certificate object

func ImportPEM

func ImportPEM(certData []byte, keyData []byte, password string) (*Certificate, error)

ImportPEM tries to import the given PEM data as a certificate object

func ImportPEMCertificate

func ImportPEMCertificate(certData []byte) (*Certificate, error)

ImportPEMCertificate tries to import the given PEM certificate only

func (Certificate) Clone

func (c Certificate) Clone() CertificateRequest

Clone returns a certificate request that would match this certificate

func (Certificate) Description

func (c Certificate) Description() string

Description returns a script description of the certificate

func (Certificate) PKey

func (c Certificate) PKey() crypto.PrivateKey

PKey returns the crypto.PrivateKey structure for this certificate (read from the KeyData bytes). It panics on an error, but that shouldn't happen unless KeyData was corrupted.

func (Certificate) X509

func (c Certificate) X509() *x509.Certificate

X509 returns the x509.Certificate data structure for this certificate (read from the CertificateData bytes). It panics on an error, but that shouldn't happen unless CertificateData was corrupted.

type CertificateRequest

type CertificateRequest struct {
	KeyType                string
	SignatureAlgorithm     string
	Subject                Name
	Validity               DateRange
	AlternateNames         []AlternateName
	Usage                  KeyUsage
	IsCertificateAuthority bool
	StatusProviders        StatusProviders
}

CertificateRequest describes a certificate request

type DateRange

type DateRange struct {
	NotBefore time.Time
	NotAfter  time.Time
}

DateRange describes a date range

func (DateRange) IsValid

func (d DateRange) IsValid() bool

IsValid reports whether the current date and time fall within this date range

type KeyUsage

type KeyUsage struct {
	// Basic
	DigitalSignature  bool
	ContentCommitment bool
	KeyEncipherment   bool
	DataEncipherment  bool
	KeyAgreement      bool
	CertSign          bool
	CRLSign           bool
	EncipherOnly      bool
	DecipherOnly      bool

	// Extended
	ServerAuth      bool
	ClientAuth      bool
	CodeSigning     bool
	EmailProtection bool
	TimeStamping    bool
	OCSPSigning     bool
	CustomEKUs      []string
}

KeyUsage describes usage properties for an X.509 key

type Name

type Name struct {
	Organization string
	City         string
	Province     string
	Country      string
	CommonName   string
}

Name describes an X.509 name object

type StatusProviders

type StatusProviders struct {
	CRL  *string
	OCSP *string
}

StatusProviders describes providers for certificate status
