pwnedkeys: Index | Files

package pwnedkeys

import ""

Package pwnedkeys looks up Certificates, Certificate requests, Keys, etc in the database.

Lookup is done using the SubjectPublicKeyInfo (SPKI) associated with a key. The SPKI fingerprint of a key (or certificate) is the all-lowercase hex-encoded SHA-256 hash of the DER-encoded form of the subjectPublicKeyInfo ASN.1 structure representing a given public key.


Package Files



var (
    // ErrKeyFound is returned when the key was found in database
    ErrKeyFound = errors.New("private key found in database")

    // ErrHashFailed is returned only when the SHA-256 hashing fails.
    ErrHashFailed = errors.New("unable to generate SHA-256 hash")

func CheckCertificate Uses

func CheckCertificate(client *http.Client, cert *x509.Certificate) error

CheckCertificate returns a non-nil error only if the key information is found in the database. Finding key data implies a compromised key.

Package pwnedkeys imports 6 packages (graph). Updated 2019-01-16. Refresh now. Tools for package owners. This is an inactive package (no imports and no commits in at least two years).