certutil

package
v0.2.15 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 6, 2025 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Index

Constants

// Bits2048 is the untyped integer constant 2048.
//
// NOTE(review): the name suggests a key size in bits (presumably RSA); the
// code that consumes it is not part of this listing, so confirm where it is
// used and whether 2048 is the only size the package can generate.
const Bits2048 = 2048

Variables

// DefaultCommonName is initialised to "default".
//
// It is an exported, mutable package variable: any importing package can
// reassign it, and the change is then visible process-wide.
//
// NOTE(review): presumably this is the subject CN used when a caller supplies
// none — confirm at the use site. A certificate issued with the literal CN
// "default" identifies nothing, so callers should set a real name.
var DefaultCommonName = "default"
// OIDStringToNameMap maps the dotted-decimal form of an X.509 extension OID
// to a human-readable extension name. Ten entries sit under the id-ce arc
// (2.5.29.*); Authority Info Access is the one entry under the PKIX
// private-extension arc (1.3.6.1.5.5.7.1.*).
//
// The map is exported and mutable. Go maps are not safe for concurrent
// writes, so treat it as read-only after package initialisation. An OID that
// is absent yields the empty string on lookup; use the two-value form
// (name, ok := OIDStringToNameMap[oid]) to tell "unknown extension" apart
// from a real name.
var OIDStringToNameMap = map[string]string{
	"2.5.29.14":         "Subject Key Identifier",
	"2.5.29.15":         "Key Usage",
	"2.5.29.17":         "Subject Alt Name",
	"2.5.29.19":         "Basic Constraints",
	"2.5.29.20":         "CRL Number",
	"2.5.29.30":         "Name Constraints",
	"2.5.29.31":         "CRL Distribution Points",
	"2.5.29.32":         "Certificate Policies",
	"2.5.29.35":         "Authority Key Identifier",
	"2.5.29.37":         "Extended Key Usage",
	"1.3.6.1.5.5.7.1.1": "Authority Info Access",
}

Functions

func Encode

func Encode(b CertBundle) ([]byte, error)

func GetExtensionValue

func GetExtensionValue(cert *x509.Certificate, oid string) (string, error)

Get the extension value from the certificate with the given OID.

func LoadCert

func LoadCert(CaPath, CertPath, KeyPath string) (*tls.Config, error)

func NewCertPool

func NewCertPool(certs ...*x509.Certificate) *x509.CertPool

func ParseDERCert

func ParseDERCert(b []byte) (*x509.Certificate, error)

func ParseDERKey

func ParseDERKey(der []byte, password string) (crypto.PrivateKey, error)

func ParsePEM

func ParsePEM(certBytes, caBytes, keyBytes []byte, password string) (*x509.Certificate, []*x509.Certificate, crypto.PrivateKey, error)

func ParsePEMCert

func ParsePEMCert(b []byte) (*x509.Certificate, []*x509.Certificate, error)

func ParsePEMKey

func ParsePEMKey(b []byte, password string) (crypto.PrivateKey, error)

func ParsePKCS12

func ParsePKCS12(pfxBytes []byte, password string) (*x509.Certificate, []*x509.Certificate, crypto.PrivateKey, error)

Types

type CABundle

// CABundle is a CertBundle that can also issue certificates: it embeds
// CertBundle and adds three signing methods, one per request type.
//
// NOTE(review): nothing in these signatures lets the caller pass a context,
// a serial number or a key type, so those are decided by the implementation,
// which is not shown here.
type CABundle interface {
	CertBundle
	// SignClient issues a bundle for the given ClientRequest.
	SignClient(req *ClientRequest) (CertBundle, error)
	// SignServer issues a bundle for the given ServerRequest.
	SignServer(req *ServerRequest) (CertBundle, error)
	// SignCA returns a CABundle, i.e. a bundle that can itself sign.
	// NOTE(review): CARequest carries only CommonName, DNSNames, IPs and
	// KeepChain — no path-length or name-constraint field — so whether a
	// subordinate CA is constrained cannot be told from this interface;
	// confirm in the implementation before delegating signing authority.
	SignCA(req *CARequest) (CABundle, error)
}

func MustCAFromFile

func MustCAFromFile(certFile, caFile, keyFile string) CABundle

func NewCA

func NewCA(cert *x509.Certificate, pool []*x509.Certificate, key crypto.PrivateKey) (CABundle, error)

func NewCABundle

func NewCABundle(certBytes []byte, keyPEM []byte) (CABundle, error)

type CARequest

// CARequest is the argument type of CABundle.SignCA.
//
// It has the same four fields as ServerRequest. Unlike ClientRequest it has
// no ValidPeriod field, so the lifetime of an issued CA certificate is not
// chosen through this struct.
// NOTE(review): confirm what lifetime the implementation applies.
type CARequest struct {
	// CommonName is presumably the subject CN of the new CA — confirm.
	CommonName string
	// DNSNames is presumably copied into the DNS subject alternative
	// names — confirm.
	DNSNames   []string
	// IPs is presumably copied into the IP subject alternative names —
	// confirm.
	IPs        []net.IP
	// KeepChain: meaning not visible here; presumably whether the issuer
	// chain is carried in the returned bundle — TODO confirm.
	KeepChain  bool
}

type CertBundle

// CertBundle exposes one certificate, its CA certificates and its private
// key, each in several encodings (parsed, DER, PEM, tls.Certificate).
//
// NOTE(review): Key, KeyDER and KeyPEM return private-key material to the
// caller, and tls.Certificate has a PrivateKey field that CertTLS presumably
// populates. Treat every CertBundle value as a secret: do not log it, and
// check what common.Debuggable prints before enabling debug output.
type CertBundle interface {
	// CAs returns CA certificates associated with the bundle.
	// NOTE(review): whether this is an issuer chain or a set of trust
	// anchors is not visible here — confirm before using it for
	// verification.
	CAs() []*x509.Certificate
	// IsCA reports whether the bundle is a CA (criteria not shown).
	IsCA() bool
	// Cert returns the parsed certificate.
	Cert() *x509.Certificate
	// CertDER returns certificate bytes; DER encoding per the name.
	CertDER() []byte
	// CertPEM returns certificate bytes; PEM encoding per the name.
	CertPEM() []byte
	// CertTLS returns the bundle as a tls.Certificate value.
	CertTLS() tls.Certificate
	// Key returns the private key.
	// NOTE(review): bundles built by the *WithoutKey constructors
	// presumably return nil here — callers should check.
	Key() crypto.PrivateKey
	// KeyDER returns private-key bytes; DER encoding per the name.
	KeyDER() []byte
	// KeyPEM returns private-key bytes; PEM encoding per the name.
	// NOTE(review): whether the PEM block is encrypted is not visible.
	KeyPEM() []byte
	// Dump takes a certificate path and a key path; presumably it writes
	// both files.
	// NOTE(review): the file mode used for keyFile is not visible here —
	// confirm it is owner-only and that existing files are handled safely.
	Dump(certFile, keyFile string) error
	// common.Debuggable is a project-local interface not shown in this
	// listing.
	common.Debuggable
}

func Decode

func Decode(bundleData []byte) (CertBundle, error)

func MustCertFromFile

func MustCertFromFile(certFile, caFile, keyFile string) CertBundle

func NewCABundleWithoutKey

func NewCABundleWithoutKey(caBytes []byte) (CertBundle, error)

func NewCert

func NewCert(cert *x509.Certificate, pool []*x509.Certificate, key crypto.PrivateKey) (CertBundle, error)

func NewCertBundle

func NewCertBundle(certBytes, keyBytes []byte) (CertBundle, error)

func NewCertBundleWithoutKey

func NewCertBundleWithoutKey(certBytes []byte) (CertBundle, error)

type ClientRequest

// ClientRequest is the argument type of CABundle.SignClient and
// Manager.ClientFiles.
//
// Unlike ServerRequest and CARequest it has no DNSNames or IPs field, and it
// is the only request type with a ValidPeriod.
type ClientRequest struct {
	// CommonName is presumably the subject CN of the client certificate —
	// confirm.
	CommonName  string
	// ValidPeriod is presumably the certificate lifetime.
	// NOTE(review): the behaviour for a zero or negative duration, and any
	// upper bound, are not visible here — confirm the implementation
	// enforces sane limits.
	ValidPeriod time.Duration
	// KeepChain: meaning not visible here; presumably whether the issuer
	// chain is carried in the returned bundle — TODO confirm.
	KeepChain   bool
}

type Manager

// Manager is a CABundle with two file-oriented helpers. It is the type
// returned by New.
type Manager interface {
	CABundle
	// ClientFiles takes a ClientRequest plus a certificate path and a key
	// path; presumably it signs the request and writes the result to those
	// files.
	// NOTE(review): key-file permissions are not visible here — confirm.
	ClientFiles(req *ClientRequest, certFile, keyFile string) error
	// ServerFiles is the ServerRequest counterpart of ClientFiles.
	// NOTE(review): key-file permissions are not visible here — confirm.
	ServerFiles(req *ServerRequest, certFile, keyFile string) error
}

func New

func New(opts ...Option) (Manager, error)

type Option

// Option is a function that receives the unexported *manager. New accepts a
// variadic list of Options, and the With* constructors in this package return
// them. Because manager is unexported, code outside the package cannot write
// a useful Option of its own.
type Option func(m *manager)

func WithCertBytes

func WithCertBytes(certBytes, caBytes, keyBytes []byte) Option

func WithCertFile

func WithCertFile(certFile, caFile, keyFile string) Option

func WithCommonName

func WithCommonName(cn string) Option

func WithPassword

func WithPassword(password string) Option

type ServerRequest

// ServerRequest is the argument type of CABundle.SignServer and
// Manager.ServerFiles.
//
// It has the same four fields as CARequest. Unlike ClientRequest it has no
// ValidPeriod field, so the server certificate lifetime is not chosen through
// this struct.
// NOTE(review): confirm what lifetime the implementation applies.
type ServerRequest struct {
	// CommonName is presumably the subject CN of the server certificate —
	// confirm.
	CommonName string
	// DNSNames is presumably copied into the DNS subject alternative
	// names — confirm.
	// NOTE(review): whether entries are validated (wildcards, empty
	// strings) is not visible here.
	DNSNames   []string
	// IPs is presumably copied into the IP subject alternative names —
	// confirm.
	IPs        []net.IP
	// KeepChain: meaning not visible here; presumably whether the issuer
	// chain is carried in the returned bundle — TODO confirm.
	KeepChain  bool
}
