apiPackage api implements an HTTP-based API and server for CFSSL.
api/bundlePackage bundle implements the HTTP handler for the bundle command.
api/certinfoPackage certinfo implements the HTTP handler for the certinfo command.
api/clientPackage client implements a Go client for CFSSL API commands.
api/crlPackage crl implements the HTTP handler for the crl command.
api/gencrlPackage gencrl implements the HTTP handler for the gencrl commands.
api/generatorPackage generator implements the HTTP handlers for certificate generation.
api/infoPackage info implements the HTTP handler for the info command.
api/initcaPackage initca implements the HTTP handler for the CA initialization command
api/ocspPackage ocsp implements the HTTP handler for the ocsp commands.
api/revokePackage revoke implements the HTTP handler for the revoke command
api/signPackage sign implements the HTTP handler for the certificate signing command.
api/signhandlerPackage signhandler provides the handlers for signers.
authPackage auth implements an interface for providing CFSSL authentication.
bundlerPackage bundler implements certificate bundling functionality for CFSSL.
certdb/ocspstaplingPackage ocspstapling implements OCSP stapling of Signed Certificate Timestamps (SCTs) into OCSP responses in a database.
cliPackage cli provides the template for adding new cfssl commands
cli/bundlePackage bundle implements the bundle command.
cli/certinfoPackage certinfo implements the certinfo command
cli/crlPackage crl implements the crl command
cli/gencertPackage gencert implements the gencert command.
cli/gencrlPackage gencrl implements the gencrl command
cli/gencsrPackage gencsr implements the gencsr command.
cli/genkeyPackage genkey implements the genkey command.
cli/infoPackage info implements the info command.
cli/ocspdumpPackage ocspdump implements the ocspdump command.
cli/ocsprefreshPackage ocsprefresh implements the ocsprefresh command.
cli/ocspservePackage ocspserve implements the ocspserve function.
cli/ocspsignPackage ocspsign implements the ocspsign command.
cli/revokePackage revoke implements the revoke command.
cli/selfsignPackage selfsign implements the selfsign command.
cli/servePackage serve implements the serve command for CFSSL's API.
cli/signPackage sign implements the sign command.
cli/versionPackage version implements the version command.
cmd/cfsslcfssl is the command line tool to issue/sign/bundle client certificate.
cmd/cfssljsoncfssljson splits out JSON with cert, csr, and key fields to separate files.
cmd/mkbundlemkbundle is a commandline tool for building certificate pool bundles.
configPackage config contains the configuration logic for CFSSL.
crlPackage crl exposes Certificate Revocation List generation functionality
cryptoPackage crypto contains implementations of crypto.Signer.
crypto/pkcs7Package pkcs7 implements the subset of the CMS PKCS #7 datatype that is typically used to package certificates and CRLs.
csrPackage csr implements certificate requests for CFSSL.
errorsPackage errors provides error types returned in CF SSL.
helpersPackage helpers implements utility functionality common to many CFSSL packages.
helpers/derhelpersPackage derhelpers implements common functionality on DER encoded data
infoPackage info contains the definitions for the info endpoint
initcaPackage initca contains code to initialise a certificate authority, generating a new root key and certificate.
logPackage log implements a wrapper around the Go standard library's logging package.
multiroot/configPackage config contains the multi-root configuration file parser.
ocspPackage ocsp exposes OCSP signing functionality, much like the signer package does for certificate signing.
ocsp/configPackage config in the ocsp directory provides configuration data for an OCSP signer.
revokePackage revoke provides functionality for checking the validity of a cert.
scan/cryptoPackage crypto collects common cryptographic constants.
scan/crypto/md5Package md5 implements the MD5 hash algorithm as defined in RFC 1321.
scan/crypto/rsaPackage rsa implements RSA encryption as specified in PKCS#1.
scan/crypto/sha1Package sha1 implements the SHA1 hash algorithm as defined in RFC 3174.
scan/crypto/sha256Package sha256 implements the SHA224 and SHA256 hash algorithms as defined in FIPS 180-4.
scan/crypto/sha512Package sha512 implements the SHA-384, SHA-512, SHA-512/224, and SHA-512/256 hash algorithms as defined in FIPS 180-4.
scan/crypto/tlsPackage tls partially implements TLS 1.2, as specified in RFC 5246.
selfsignPackage selfsign implements certificate selfsigning.
signerPackage signer implements certificate signature functionality for CFSSL.
signer/localPackage local implements certificate signature functionality for CFSSL.
signer/universalPackage universal implements a signer that can do remote or local
transportPackage transport implements functions for facilitating proper TLS-secured communications for clients and servers.
transport/caPackage ca provides the CertificateAuthority interface for the transport package, which provides an interface to get a CSR signed by some certificate authority.
transport/ca/localcaPackage localca implements a localca that is useful for testing the transport package.
transport/corePackage core contains core definitions for the transport package, the most salient of which is likely the Identity type.
transport/example/exlibPackage exlib contains common library code for the examples.
transport/kpPackage kp describes transport key providers and provides a reference implementation.
transport/rootsPackage roots includes support for loading trusted roots from various sources.
ubiquityPackage ubiquity contains the ubiquity scoring logic for CFSSL bundling.
whitelistPackage whitelist implements IP whitelisting for various types of connections.

Updated 2020-10-22. Refresh now. Tools for package owners.