pemutil

package module

v0.1.2 Latest Latest Go to latest Published: Jan 7, 2024 License: MIT Imports: 11 Imported by: 6

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kenshaw/pemutil

Links

Open Source Insights

README ¶

pemutil

A Go package that provides a light wrapper to load PEM-encoded data, meant to ease the loading, parsing and decoding of PEM data into standard crypto primitives.

Installation

Install the package via the following:

$ go get -u github.com/kenshaw/pemutil

Usage

Please see the GoDoc API page for a full API listing.

The pemutil package can be used similarly to the following:

// _example/main.go
package main

//go:generate openssl genrsa -out rsa-private.pem 2048
//go:generate openssl rsa -in rsa-private.pem -outform PEM -pubout -out rsa-public.pem

import (
	"log"
	"os"

	"github.com/kenshaw/pemutil"
)

func main() {
	// create store and load our private key
	keyset, err := pemutil.LoadFile("rsa-private.pem")
	if err != nil {
		log.Fatal(err)
	}

	// do something with keyset.RSAPrivateKey()

	// get pem data and write to disk
	buf, err := keyset.Bytes()
	if err != nil {
		log.Fatal(err)
	}
	os.Stdout.Write(buf)
}

Documentation ¶

Overview ¶

Package pemutil provides a simple, high-level API to load, parse, and decode standard crypto primitives (ie, rsa.PrivateKey, ecdsa.PrivateKey, etc) from PEM-encoded data.

Example:

store, err := pemutil.LoadFile("/path/to/file")
if err != nil { /* ... */ }

if rsaPrivKey, ok := store.RSAPrivateKey(); !ok {
	// PEM does not contain an RSA private key
}

Index ¶

func Decode(s Store, buf []byte) error
func EncodePrimitive(p interface{}) ([]byte, error)
func ParsePKCSPrivateKey(buf []byte) (interface{}, error)
type BlockType
- func (bt BlockType) String() string
type Store

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Decode ¶

func Decode(s Store, buf []byte) error

Decode parses and decodes PEM-encoded data from buf, storing any resulting crypto primitives encountered into the Store. The decoded PEM BlockType will be used as the map key for each primitive.

func EncodePrimitive ¶

func EncodePrimitive(p interface{}) ([]byte, error)

EncodePrimitive encodes the crypto primitive p into PEM-encoded data.

func ParsePKCSPrivateKey ¶

func ParsePKCSPrivateKey(buf []byte) (interface{}, error)

ParsePKCSPrivateKey attempts to decode a RSA private key first using PKCS1 encoding, and then PKCS8 encoding.

Types ¶

type BlockType ¶

type BlockType string

BlockType is a PEM block type.

const (
	// PrivateKey is the "PRIVATE KEY" block type.
	PrivateKey BlockType = "PRIVATE KEY"

	// RSAPrivateKey is the "RSA PRIVATE KEY" block type.
	RSAPrivateKey BlockType = "RSA PRIVATE KEY"

	// ECPrivateKey is the "EC PRIVATE KEY" block type.
	ECPrivateKey BlockType = "EC PRIVATE KEY"

	// PublicKey is the "PUBLIC KEY" block type.
	PublicKey BlockType = "PUBLIC KEY"

	// Certificate is the "CERTIFICATE" block type.
	Certificate BlockType = "CERTIFICATE"
)

func (BlockType) String ¶

func (bt BlockType) String() string

String satisfies the string interface for a block type.

type Store ¶

type Store map[BlockType]interface{}

Store is a store containing crypto primitives.

A store can contain any of the following crypto primitives:

[]byte 								 -- raw key
*rsa.PrivateKey, *ecdsa.PrivateKey   -- rsa / ecdsa private key
*rsa.PublicKey, *ecdsa.PublicKey     -- rsa / ecdsa public key
*x509.Certificate                    -- x509 certificate

func DecodeBytes ¶

func DecodeBytes(buf []byte) (Store, error)

DecodeBytes decodes the supplied buf into a store.

func GenerateECKeySet ¶

func GenerateECKeySet(curve elliptic.Curve) (Store, error)

GenerateECKeySet generates a EC private and public key crypto primitives, returning them as a Store.

func GenerateRSAKeySet ¶

func GenerateRSAKeySet(bitLen int) (Store, error)

GenerateRSAKeySet generates a RSA private and public key crypto primitives, returning them as a Store.

func GenerateSymmetricKeySet ¶

func GenerateSymmetricKeySet(keyLen int) (Store, error)

GenerateSymmetricKeySet generates a private key crypto primitive, returning it as a Store.

func LoadFile ¶

func LoadFile(filename string) (Store, error)

LoadFile creates a store and loads any crypto primitives in the PEM encoded data stored in filename.

Note: calls Store.AddPublicKeys after successfully loading a file. If that behavior is not desired, please manually create the Store and call Decode, or [DecodeBlock].

func (Store) AddPublicKeys ¶

func (s Store) AddPublicKeys()

AddPublicKeys adds the public keys for a RSAPrivateKey or ECPrivateKey block type generating and storing the corresponding *PublicKey block if not already present.

Useful when a Store is missing the public key for a private key.

func (Store) Bytes ¶

func (s Store) Bytes() ([]byte, error)

Bytes returns all crypto primitives in the Store as a single byte slice containing the PEM-encoded versions of the crypto primitives.

func (Store) Certificate ¶

func (s Store) Certificate() (*x509.Certificate, bool)

Certificate returns the X509 certificate contained within the Store.

func (Store) Decode ¶

func (s Store) Decode(buf []byte) error

Decode parses and decodes PEM-encoded data from buf, storing any resulting crypto primitives encountered into the Store. The decoded PEM BlockType will be used as the map key for each primitive.

func (Store) DecodeBlock ¶

func (s Store) DecodeBlock(block *pem.Block) error

DecodeBlock decodes PEM block data, adding any crypto primitive encountered in the Store.

func (Store) ECPrivateKey ¶

func (s Store) ECPrivateKey() (*ecdsa.PrivateKey, bool)

ECPrivateKey returns the ECDSA private key contained within the Store.

func (Store) ECPublicKey ¶

func (s Store) ECPublicKey() (*ecdsa.PublicKey, bool)

ECPublicKey returns the ECDSA public key contained within the Store.

func (Store) LoadFile ¶

func (s Store) LoadFile(filename string) error

LoadFile loads crypto primitives from PEM encoded data stored in filename.

func (Store) PrivateKey ¶

func (s Store) PrivateKey() (crypto.PrivateKey, bool)

PrivateKey returns the private key contained within the Store.

func (Store) PublicKey ¶

func (s Store) PublicKey() (crypto.PublicKey, bool)

PublicKey returns the public key contained within the Store.

func (Store) RSAPrivateKey ¶

func (s Store) RSAPrivateKey() (*rsa.PrivateKey, bool)

RSAPrivateKey returns the RSA private key contained within the Store.

func (Store) RSAPublicKey ¶

func (s Store) RSAPublicKey() (*rsa.PublicKey, bool)

RSAPublicKey returns the RSA public key contained within the Store.

func (Store) WriteFile ¶

func (s Store) WriteFile(filename string) error

WriteFile writes the crypto primitives in the Store to filename with mode 0600.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
_example _example/main.go	_example/main.go
cmd
pemutil Command pemutil is a simple command line util making to generate suitable keyset data for use with the pemutil package.	Command pemutil is a simple command line util making to generate suitable keyset data for use with the pemutil package.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL