certnames

package

v0.6.5 Latest Latest Go to latest Published: Aug 14, 2022 License: Apache-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/chronos-tachyon/roxy

Links

Open Source Insights

Documentation ¶

Overview ¶

Package certnames contains helpers for validating X.509 client certificates.

Constants ¶

View Source

const ANY = "ANY"

ANY is the string representation of a CertNames that permits all certificates.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type CertNames ¶

type CertNames struct {
	// contains filtered or unexported fields
}

CertNames is a set of permitted Subject Distinguished Name and Subject Alternative Name components that a client certificate can match.

func (CertNames) AppendTo ¶

func (cns CertNames) AppendTo(out *strings.Builder)

AppendTo efficiently appends the string representation to the given Builder. See FromList for details about the format.

func (CertNames) Check ¶

func (cns CertNames) Check(cert *x509.Certificate) bool

Check returns true if the given cert matches at least one permitted name.

func (*CertNames) FromList ¶

func (cns *CertNames) FromList(list []string) error

FromList parses a list of names.

"ANY" permits all certificates
"O=<org>" permits certs with a Subject.Organization of <org>
"OU=<unit>" permits certs with a Subject.OrganizationalUnit of <unit>
"CN=<name>" permits certs with a Subject.CommonName of <name>
"E=<email>" permits certs with a Subject.Name of Type OID(1.2.840.113549.1.9.1) (the obsolete DN field "emailAddress") and value <email>, or with an EmailAddress SAN of <email>
If the list item isn't "KEY=VALUE"-shaped, then the parser will make an educated guess as to whether the list item is meant to be a commonName or an emailAddress.

func (CertNames) IsPermitAll ¶

func (cns CertNames) IsPermitAll() bool

IsPermitAll returns true if all certificates are permitted.

func (CertNames) List ¶

func (cns CertNames) List() []string

List returns the list of permitted names, or ["ANY"] if all certificates are permitted. See FromList for details about the format.

func (CertNames) MarshalJSON ¶

func (cns CertNames) MarshalJSON() ([]byte, error)

MarshalJSON fulfills json.Marshaler.

func (*CertNames) Parse ¶

func (cns *CertNames) Parse(str string) error

Parse parses a colon-delimited list of names. See FromList for details about the format.

func (CertNames) String ¶

func (cns CertNames) String() string

String returns a colon-delimited list of permitted names, or "ANY" if all certificates are permitted. See FromList for details about the format.

func (*CertNames) UnmarshalJSON ¶

func (cns *CertNames) UnmarshalJSON(raw []byte) error

UnmarshalJSON fulfills json.Unmarshaler.

type ParseError ¶

type ParseError struct {
	Key   string
	Value string
}

ParseError represents a parsing error in CertNames.FromList.

func (ParseError) Error ¶

func (err ParseError) Error() string

Error fulfills the error interface.

Source Files ¶

View all Source files

certnames.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL