pwnedkeys: github.com/adamdecaf/pwnedkeys Index | Files

package pwnedkeys

import "github.com/adamdecaf/pwnedkeys"

Package pwnedkeys looks up Certificates, Certificate requests, Keys, etc in the pwnedkeys.com database.

Lookup is done using the SubjectPublicKeyInfo (SPKI) associated with a key. The SPKI fingerprint of a key (or certificate) is the all-lowercase hex-encoded SHA-256 hash of the DER-encoded form of the subjectPublicKeyInfo ASN.1 structure representing a given public key.

Index

Package Files

pwnedkeys.go

Variables

var (
    // ErrKeyFound is returned when the key was found in pwnedkeys.com database
    ErrKeyFound = errors.New("private key found in pwnedkeys.com database")

    // ErrHashFailed is returned only when the SHA-256 hashing fails.
    ErrHashFailed = errors.New("unable to generate SHA-256 hash")
)

func CheckCertificate Uses

func CheckCertificate(client *http.Client, cert *x509.Certificate) error

CheckCertificate returns a non-nil error only if the key information is found in the pwnedkeys.com database. Finding key data implies a compromised key.

Package pwnedkeys imports 6 packages (graph). Updated 2019-01-16. Refresh now. Tools for package owners.