primitives

package

v0.1.1 Latest Latest Go to latest Published: Dec 2, 2021 License: Apache-2.0 Imports: 18 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/meshplus/flato-msp-cert

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func AssertCertType(expect CertType, certificate *gmx509.Certificate) bool
func DER2PEM(in []byte, t PEMType) ([]byte, error)
func DER2PEMWithEncryption(in []byte, t PEMType, pwd [32]byte) ([]byte, error)
func GenCert(ca *gmx509.Certificate, privatekey crypto.SignKey, publicKey crypto.VerifyKey, ...) ([]byte, error)
func MarshalCertificate(template *gmx509.Certificate) (cert []byte, err error)
func MarshalPublicKey(publicKey crypto.VerifyKey) ([]byte, error)
func NewSelfSignedCert(engine crypto.Engine, o, cn, gn string, ct gmx509.CurveType, ...) ([]byte, []byte, error)
func ParseCertificate(engine crypto.Engine, cert []byte) (*gmx509.Certificate, error)
func ParseOrganization(idName *IdentityName) (map[string]string, error)
func SelfSignedCert(o, cn, gn string, webAddr []string, privKey crypto.SignKey, from, to time.Time) ([]byte, error)
func Sign(engine crypto.Engine, key crypto.SignKey, msg []byte) ([]byte, error)
func UnmarshalPrivateKey(engine crypto.Engine, index []byte) (key crypto.SignKey, err error)
func UnmarshalPublicKey(engine crypto.Engine, derBytes []byte) (pub crypto.VerifyKey, err error)
func Verify(engine crypto.Engine, key crypto.VerifyKey, msg, signature []byte) (bool, error)
func VerifyCert(cert *gmx509.Certificate, ca *gmx509.Certificate) (bool, error)
type CertType
- func NewCertType(certType string) CertType
- func ParseCertType(certType []byte) CertType
- func (c CertType) GetValue() []byte
type IdentityName
- func GetIdentityNameFromPKIXName(name pkix.Name) *IdentityName
- func GetIdentityNameFromString(s string) *IdentityName
- func (n *IdentityName) GetCertType() CertType
- func (n *IdentityName) String() string
type PEMType
- func PEM2DER(raw []byte) ([]byte, PEMType)
- func PEM2DERWithEncryption(raw []byte, pwd *[32]byte) ([]byte, PEMType)

Examples ¶

PEM2DER

Constants ¶

View Source

const (
	//Version cert organization version
	Version = "version"
	//VP cert organization vp, nvp band node
	VP = "vp"
	//Platform cert organization platform, use flato
	Platform = "platform"
)

Variables ¶

View Source

var CertTypeOID asn1.ObjectIdentifier = []int{1, 2, 86, 1}

CertTypeOID oid fo certType

Functions ¶

func AssertCertType ¶

func AssertCertType(expect CertType, certificate *gmx509.Certificate) bool

AssertCertType assert cert type with specified type，return boolean

func DER2PEM ¶

func DER2PEM(in []byte, t PEMType) ([]byte, error)

DER2PEM encode der to pem

func DER2PEMWithEncryption ¶

func DER2PEMWithEncryption(in []byte, t PEMType, pwd [32]byte) ([]byte, error)

DER2PEMWithEncryption encode der to pem with encryption

func GenCert ¶

func GenCert(ca *gmx509.Certificate, privatekey crypto.SignKey, publicKey crypto.VerifyKey,
	o, cn, gn string, isCA bool, from, to time.Time, webAddr ...string) ([]byte, error)

GenCert generate cert

func MarshalCertificate ¶

func MarshalCertificate(template *gmx509.Certificate) (cert []byte, err error)

MarshalCertificate Marshal Certificate

func MarshalPublicKey ¶

func MarshalPublicKey(publicKey crypto.VerifyKey) ([]byte, error)

MarshalPublicKey marshal a public key to the pem forma

func NewSelfSignedCert ¶

func NewSelfSignedCert(engine crypto.Engine, o, cn, gn string, ct gmx509.CurveType, from, to time.Time, webAddr ...string) (
	[]byte, []byte, error)

NewSelfSignedCert generate self-signature certificate

func ParseCertificate ¶

func ParseCertificate(engine crypto.Engine, cert []byte) (*gmx509.Certificate, error)

ParseCertificate already support ra

func ParseOrganization ¶

func ParseOrganization(idName *IdentityName) (map[string]string, error)

ParseOrganization get Organization map

func SelfSignedCert ¶

func SelfSignedCert(o, cn, gn string, webAddr []string, privKey crypto.SignKey, from, to time.Time) (
	[]byte, error)

SelfSignedCert generate self-signature certificate by privKey and pubKey

func Sign ¶

func Sign(engine crypto.Engine, key crypto.SignKey, msg []byte) ([]byte, error)

Sign sign a msg

func UnmarshalPrivateKey ¶

func UnmarshalPrivateKey(engine crypto.Engine, index []byte) (key crypto.SignKey, err error)

UnmarshalPrivateKey unmarshals a pkcs8 der to private key

func UnmarshalPublicKey ¶

func UnmarshalPublicKey(engine crypto.Engine, derBytes []byte) (pub crypto.VerifyKey, err error)

UnmarshalPublicKey unmarshal a der to public key

func Verify ¶

func Verify(engine crypto.Engine, key crypto.VerifyKey, msg, signature []byte) (bool, error)

Verify verifies signature

func VerifyCert ¶

func VerifyCert(cert *gmx509.Certificate, ca *gmx509.Certificate) (bool, error)

VerifyCert already support ra

Types ¶

type CertType ¶

type CertType int

CertType a data type to present cert type，like tcert，ecert and so on

const (
	ECert CertType = iota
	RCert
	SDKCert
	TCert
	ERCert
	IDCert
	UnknownCertType
)

the value of CertType

func NewCertType ¶

func NewCertType(certType string) CertType

NewCertType get a CertType

func ParseCertType ¶

func ParseCertType(certType []byte) CertType

ParseCertType unmarshal cert Type

func (CertType) GetValue ¶

func (c CertType) GetValue() []byte

GetValue return bytes slice of a certType，marshal cert Type

type IdentityName ¶

type IdentityName struct {
	//organization，E.g Hyperchain
	O string
	//host name or addr, E.g :node1, 172.16.5.1, www.hyperchain.cn and so on
	CN string
	//cert class, E.g ecert
	GN string
	//serial number, E.g: fd26a860237b461d1baec332
	SerialNumber string
}

IdentityName identity name

func GetIdentityNameFromPKIXName ¶

func GetIdentityNameFromPKIXName(name pkix.Name) *IdentityName

GetIdentityNameFromPKIXName get IdentityName from PKIXName

func GetIdentityNameFromString ¶

func GetIdentityNameFromString(s string) *IdentityName

GetIdentityNameFromString get IdentityName from string

func (*IdentityName) GetCertType ¶

func (n *IdentityName) GetCertType() CertType

GetCertType get CertType

func (*IdentityName) String ¶

func (n *IdentityName) String() string

String fmt.string

type PEMType ¶

type PEMType int

PEMType is pem type

const (
	PEMECCPrivateKey PEMType = iota
	PEMRSAPrivateKey
	PEMAnyPrivateKey
	PEMPublicKey
	PEMCertificate
	PEMInvalidPEMType
)

pem type enum

func PEM2DER ¶

func PEM2DER(raw []byte) ([]byte, PEMType)

PEM2DER pem to der

Example ¶

input := `-----BEGIN EC PRIVATE KEY-----
MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEo51rGof4xs+iDgFHrCxLJskSxoT2+69f
12zvlF2z2qR8MquUs5bpTCD0y/WT9+I+bOxEB+5/Amjf7zAG1mplOA==
-----END EC PRIVATE KEY-----` //secp256k1
engine := plugin.GetCryptoEngine()
raw, head := PEM2DER([]byte(input))
if head != PEMECCPrivateKey {
	panic(head)
}
pk, uerr := UnmarshalPublicKey(engine, raw)
if uerr != nil {
	panic(uerr)
}

pkDER, err := MarshalPublicKey(pk)
if err != nil {
	panic(err)
}
pkPEM, err := DER2PEM(pkDER, PEMECCPrivateKey)
if err != nil {
	panic(err)
}
fmt.Println(string(pkPEM))

Output:

-----BEGIN EC PRIVATE KEY-----
MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEo51rGof4xs+iDgFHrCxLJskSxoT2+69f
12zvlF2z2qR8MquUs5bpTCD0y/WT9+I+bOxEB+5/Amjf7zAG1mplOA==
-----END EC PRIVATE KEY-----

func PEM2DERWithEncryption ¶

func PEM2DERWithEncryption(raw []byte, pwd *[32]byte) ([]byte, PEMType)

PEM2DERWithEncryption decode pem to der with password if pem is encrypted pem ,pwd is mast not nil

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
x509 Package x509 parses X.509-encoded keys and certificates.	Package x509 parses X.509-encoded keys and certificates.
pkix

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL