othername

v0.1.1

This package is not in the latest version of its module.
Published: Oct 2, 2020 | License: MIT | Imports: 4 | Imported by: 1

README

go-othername

Parse and export non-standard X.509 Subject Alternative Name Other Names, as defined by section 4.2.1.7 of RFC 3280.

Microsoft UPN

The Universal Principal Name is a Microsoft-specific (but generally useful!) Other Name type that allows the Certificate to map directly to a login to a computer. This is widely deployed in conjunction with FIPS 201-style smartcards to enable computer logins.


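// certDER holds a single DER-encoded certificate.
cert, err := x509.ParseCertificate(certDER)
...
// names holds every UPN found in the certificate's SAN Other Names.
names, err := othername.UPNs(cert)
...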

Documentation

Overview

Package othername parses custom OtherName entries out of a crypto/x509.Certificate, and extracts those values.

The primary use of this package currently is to extract a Microsoft Universal Principal Name from a crypto/x509.Certificate. This package will grow support for other OtherNames as needs come up.

Variables

var (
	// ErrInvalidOID is returned when the expected OID doesn't match
	// the given OID. For instance, if the OtherName is a custom
	// type, and we're trying to extract the UPN, this error would
	// be returned to signify that the parser code will not attempt to
	// unpack the Value.
	ErrInvalidOID error = fmt.Errorf("othername: expected OID didn't match")
)

Functions

func FASCs

func FASCs(cert *x509.Certificate) ([]fasc.FASC, error)

FASCs will return all FASC entries from this Certificate, parsed into a fasc.FASC struct.

func UPNs

func UPNs(cert *x509.Certificate) ([]string, error)

UPNs will extract all Universal Principal Names from an x509 Certificate.

Types

type MapFunc

type MapFunc func(OtherName) error

MapFunc can be used to run a snippet of code against all OtherName objects through the use of OtherNames.Map.

type OtherName

type OtherName struct {
	// ObjectIdentifier defining what type of information is contained
	// inside the Value object. There's basically no reason to read the
	// Value without first checking the ObjectIdentifier.
	ID asn1.ObjectIdentifier

	// Type-specific information regarding this particular OtherName.
	Value asn1.RawValue
}

OtherName is an encapsulation of an x509 Subject Alternative Name (SAN) Other Name.

This contains an ObjectIdentifier ID for the OtherName type, and the opaque, type-dependent RawValue. This type is pretty hard to work with and will likely involve some calls to asn1.Unmarshal to extract the meaningful data, so be sure you feel comfortable with that before digging into Value!
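The kind of asn1.Unmarshal work described above, as an added example that uses only the standard library and is not code from go-othername: it walks a raw subjectAltName value, checks each otherName's type-id first, and decodes the value only when the type-id is the UPN one. The names upnsFromSAN and sampleSAN are hypothetical, the sample bytes are constructed, and the UPN type-id 1.3.6.1.4.1.311.20.2.3 is an assumption not stated on this page.

```go
package main

import (
	"encoding/asn1"
	"fmt"
)

// Microsoft UPN type-id. Assumption: this OID is not stated on the page.
var oidUPN = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 20, 2, 3}

// Constructed sample SAN value: otherName(UPN) followed by a dNSName.
var sampleSAN = []byte("\x30\x37\xa0\x22\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x14\x02\x03" +
	"\xa0\x14\x0c\x12alice@example.test\x82\x11host.example.test")

// upnsFromSAN (hypothetical helper) returns the UPN of every otherName in a
// DER subjectAltName value whose type-id is oidUPN.
func upnsFromSAN(san []byte) ([]string, error) {
	var seq, gn asn1.RawValue
	rest, err := asn1.Unmarshal(san, &seq)
	if err != nil || len(rest) != 0 || seq.Class != asn1.ClassUniversal || seq.Tag != asn1.TagSequence {
		return nil, fmt.Errorf("san: not a single GeneralNames SEQUENCE")
	}
	var upns []string
	for rest = seq.Bytes; len(rest) > 0; {
		if rest, err = asn1.Unmarshal(rest, &gn); err != nil {
			return nil, err
		}
		if gn.Class != asn1.ClassContextSpecific || gn.Tag != 0 {
			continue // dNSName, rfc822Name, ...: not an otherName
		}
		var id asn1.ObjectIdentifier
		tail, err := asn1.Unmarshal(gn.Bytes, &id)
		if err != nil {
			return nil, err
		}
		if !id.Equal(oidUPN) {
			continue // check the type-id before decoding the value
		}
		var upn string // the value is a string wrapped in [0] EXPLICIT
		if tail, err = asn1.UnmarshalWithParams(tail, &upn, "tag:0,explicit"); err != nil || len(tail) != 0 {
			return nil, fmt.Errorf("san: malformed UPN value")
		}
		upns = append(upns, upn)
	}
	return upns, nil
}

func main() {
	fmt.Println(upnsFromSAN(sampleSAN)) // [alice@example.test] <nil>
}
```
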

func (OtherName) FASC

func (on OtherName) FASC() (*fasc.FASC, error)

FASC will decode and parse the FASC (Federal Agency Smartcard Number). This contains some basic information on the PIV token that this Certificate belongs to.

func (OtherName) UPN

func (on OtherName) UPN() (string, error)

UPN will extract and return the Universal Principal Name.

func (OtherName) Unmarshal

func (o OtherName) Unmarshal(target interface{}) ([]byte, error)

Unmarshal the payload bytes inside the Value into an interface.

type OtherNames

type OtherNames []OtherName

OtherNames is an enumeration of a collection of OtherName entries.

func All

func All(cert *x509.Certificate) (OtherNames, error)

All will extract all OtherName entries from the provided Certificate's SAN entries, and return them.

func (OtherNames) FASCs

func (on OtherNames) FASCs() ([]fasc.FASC, error)

FASCs will get all FASC entries contained within the OtherNames.

func (OtherNames) Find

Find all OtherNames that have the ObjectIdentifier provided.

func (OtherNames) Map

func (o OtherNames) Map(mf MapFunc) error

Map a function over all OtherNames. This is helpful when paired with Find to do a custom extraction for each OtherName.

func (OtherNames) UPNs

func (on OtherNames) UPNs() ([]string, error)

UPNs will extract and return all Universal Principal Names from a list of OtherNames.
