othername

v0.0.0-...-859caba
Published: Mar 16, 2019 License: MIT Imports: 4 Imported by: 0

README

go-othername

Parse and export non-standard X.509 Subject Alternative Name Other Names, as defined by section 4.2.1.7 of RFC 3280.

Microsoft UPN

The Universal Principal Name is a Microsoft-specific (but generally useful!) Other Name type that allows the Certificate to map directly to a login to a computer. This is widely deployed in conjunction with FIPS 201 style smartcards to enable computer logins.


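// Parse a single DER-encoded certificate.
cert, err := x509.ParseCertificate(certDER)
...
// Extract every UPN from the certificate's SAN OtherNames.
names, err := othername.UPNs(cert)
...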

Documentation

Overview

The othername package parses custom OtherName entries out of a crypto/x509.Certificate and presents a slightly lower-level representation of the data contained in the Certificate.

The primary use of this package currently is to extract a Microsoft Universal Principal Name from a crypto/x509.Certificate. As other needs come up, this package will grow support for other OtherNames as needed.

Constants

This section is empty.

Variables

var (
	// InvalidOID is returned when the expected OID doesn't match
	// the given OID. For instance, if the OtherName is a custom
	// type, and we're trying to extract the UPN, this error would
	// be returned to signify that the parser code will not attempt to
	// unpack the Value.
	InvalidOID = fmt.Errorf("othername: expected OID didn't match")
)

Functions

func FASCs

func FASCs(cert *x509.Certificate) ([]fasc.FASC, error)

Return all FASC entries from this Certificate, parsed into a fasc.FASC struct.

func UPNs

func UPNs(cert *x509.Certificate) ([]string, error)

Extract all Universal Principal Names from an x509 Certificate.

Types

type MapFunc

type MapFunc func(OtherName) error

The type of function accepted by the OtherNames.Map helper.

type OtherName

type OtherName struct {
	// ObjectIdentifier defining what type of information is contained
	// inside the Value object. There's basically no reason to read the
	// Value without first checking the ObjectIdentifier.
	Id asn1.ObjectIdentifier

	// Type-specific information regarding this particular OtherName.
	Value asn1.RawValue
}

Encapsulation of an x509 Subject Alternative Name (SAN) Other Name.

This contains an ObjectIdentifier Id for the OtherName type, and the opaque, type-dependent RawValue. This type is pretty hard to work with and will likely involve some calls to asn1.Unmarshal to extract the meaningful data, so be sure you feel comfortable with that before digging into Value!
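The decoding steps that Id and Value imply, as an added example using only encoding/asn1 (not this package's own code): walk the SAN GeneralNames, keep only otherName entries, check the type-id, and only then unwrap the [0] EXPLICIT value. The names upnsFromSAN and sampleSAN are hypothetical, and the sample SAN (host name, the 1.2.3.4 type-id, the UPN) is constructed for the demonstration.

```go
package main

import (
	"encoding/asn1"
	"fmt"
)

var oidUPN = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 20, 2, 3} // Microsoft UPN type-id

// upnsFromSAN returns the UPNs in a DER SubjectAltName extension value.
func upnsFromSAN(sanDER []byte) ([]string, error) {
	var names []asn1.RawValue // GeneralNames ::= SEQUENCE OF GeneralName
	if _, err := asn1.Unmarshal(sanDER, &names); err != nil {
		return nil, err
	}
	var upns []string
	for _, gn := range names {
		if gn.Class != asn1.ClassContextSpecific || gn.Tag != 0 {
			continue // dNSName, rfc822Name, ...: not an otherName
		}
		var id asn1.ObjectIdentifier
		value, err := asn1.Unmarshal(gn.Bytes, &id) // body: type-id, then value
		if err != nil {
			return nil, err
		}
		if !id.Equal(oidUPN) {
			continue // check the type-id before decoding the value
		}
		var upn string
		if _, err = asn1.UnmarshalWithParams(value, &upn, "explicit,tag:0"); err != nil {
			return nil, err
		}
		upns = append(upns, upn)
	}
	return upns, nil
}

// sampleSAN builds constructed input: a dNSName, an unrelated otherName, a UPN.
func sampleSAN() []byte {
	other := func(oid asn1.ObjectIdentifier, s string) asn1.RawValue {
		id, _ := asn1.Marshal(oid)
		val, _ := asn1.MarshalWithParams(s, "utf8,explicit,tag:0")
		return asn1.RawValue{Class: asn1.ClassContextSpecific, IsCompound: true, Bytes: append(id, val...)}
	}
	dns := asn1.RawValue{Class: asn1.ClassContextSpecific, Tag: 2, Bytes: []byte("host.example")}
	der, _ := asn1.Marshal([]asn1.RawValue{dns, other(asn1.ObjectIdentifier{1, 2, 3, 4}, "x"), other(oidUPN, "alice@example.test")})
	return der
}

func main() { fmt.Println(upnsFromSAN(sampleSAN())) }
```

For a real certificate, pass the Value of the entry in cert.Extensions whose Id is 2.5.29.17 (subjectAltName).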

func (OtherName) FASC

func (on OtherName) FASC() (*fasc.FASC, error)

Decode and parse the FASC (Federal Agency Smartcard Number). This contains some basic information on the PIV token that this Certificate belongs to.

func (OtherName) UPN

func (on OtherName) UPN() (string, error)

Extract the Universal Principal Name from this OtherName.

func (OtherName) Unmarshal

func (o OtherName) Unmarshal(target interface{}) ([]byte, error)

Unmarshal the payload bytes inside the Value into an interface.

type OtherNames

type OtherNames []OtherName

func All

func All(cert *x509.Certificate) (OtherNames, error)

Given a Certificate, go through all the Extensions, find the SubjectAltName Extension, and extract all OtherNames from the SAN.

func (OtherNames) FASCs

func (on OtherNames) FASCs() ([]fasc.FASC, error)

Get all FASC entries in the set of OtherNames this function hangs off of.

func (OtherNames) Find

Find all OtherNames that have the ObjectIdentifier provided.

func (OtherNames) Map

func (ons OtherNames) Map(mf MapFunc) error

Map a function over all OtherNames. This is helpful when paired with Find to do a custom extraction for each OtherName.

func (OtherNames) UPNs

func (on OtherNames) UPNs() ([]string, error)

Extract all Universal Principal Names from a list of OtherNames.
