tlsutils

package module
v0.40.0 Latest
Warning

This package is not in the latest version of its module.

Published: Apr 15, 2022 License: MIT Imports: 17 Imported by: 1

README


Tlsutils

This is a series of networking utilities and test wrappers by entropy for building robust networked services in golang. The modules are as follows:

  • Library for creating tls certs with a variety of elliptic curve settings
  • mock - library for mocking a variety of tls certs

What can I do with this?

Note: the tls module requires go 1.15

Documentation

Overview

The tls package allows you to create and verify various kinds of TLS certificates. Note: this library is mostly used for testing various certificate chains.


Constants

const (
	P224 = "P224"
	P256 = "P256"
	P384 = "P384"
	P521 = "P521"
)

curve types for ecdsa keys (the values accepted by TlsParams.EcdsaCurve)

Variables

var (
	Day   = time.Hour * 24
	Week  = Day * 7
	Month = Week * 4
	Year  = Month * 12
)

Functions

func AddHostToTemplate

func AddHostToTemplate(host string, template *x509.Certificate)

func MakeSubject

func MakeSubject() pkix.Name

func VerifyCertificate

func VerifyCertificate(cert TlsCert) (isValid bool, err error)

verify that a tls key pair is valid

func VerifyDCA

func VerifyDCA(root, dca *x509.Certificate) (bool, error)

verify a dca certificate against its parent

func VerifyKeyPair

func VerifyKeyPair(rsaPublicKey, rsaPrivateKey string) (isValid bool, err error)

func VerifyLow

func VerifyLow(root, DCA, child *x509.Certificate) (bool, error)

verify a server certificate against its chain

func VerifyLowNoDca

func VerifyLowNoDca(root, child *x509.Certificate) (bool, error)

verify a server certificate against its chain

Types

type TlsCert

type TlsCert struct {
	CertType string
	// certificate.pem (public key)
	PublicKey string
	// key.pem (private key)
	PrivateKey string
	// Certificate
	Certificate *x509.Certificate
	// private key
	Key interface{}
	// parameters (
	Params TlsParams
}

params returned by certificate generator

func MakeCertificate

func MakeCertificate(params TlsParams) (cert TlsCert, err error)

Create a tls certificate. Adapted from https://golang.org/src/crypto/tls/generate_cert.go

func MakeCertificateDefault

func MakeCertificateDefault() (cert TlsCert, err error)

func (TlsCert) MakeDca

func (t TlsCert) MakeDca() (TlsCert, error)

generate a dca certificate from a root certificate

func (TlsCert) MakeServerCertificate

func (t TlsCert) MakeServerCertificate() (TlsCert, error)

generate a dca certificate from a root certificate

type TlsParams

type TlsParams struct {
	// Comma-separated hostnames and IPs to generate a certificate for
	Host string
	// Creation date formatted as Jan 1 15:04:05 2011
	ValidFrom time.Time
	// Duration that certificate is valid for
	ValidFor time.Duration
	// whether this cert should be its own Certificate Authority
	IsCa bool
	// Size of RSA key to generate. Ignored if EcdsaCurve is set
	RsaBits int
	// ECDSA curve to use to generate a key. Valid values are P224, P256 (recommended), P384, P521
	EcdsaCurve string
	// Generate an Ed25519 key
	Ed25519 bool
}

params for creating a tls cert

func DefaultTlsParams

func DefaultTlsParams() TlsParams

default params for creating a tls cert; a function for immutability

func (*TlsParams) Copy

func (t *TlsParams) Copy() TlsParams

copy a tls params struct

Directories

Path Synopsis
utilities for creating temporary certificates on disk for testing purposes
