certinfo

package

v0.0.0-...-069b7ae Latest Latest Go to latest Published: Jan 13, 2026 License: MIT Imports: 22 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/xenos76/https-wrench

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func CertsToTables(w io.Writer, certs []*x509.Certificate)
func GetCertsFromBundle(certBundlePath string, fileReader Reader) ([]*x509.Certificate, error)
func GetKeyFromFile(keyFilePath string, keyPwEnvVar string, inputReader Reader) (crypto.PrivateKey, error)
func GetRootCertsFromFile(caBundlePath string, fileReader Reader) (*x509.CertPool, error)
func GetRootCertsFromString(caBundleString string) (*x509.CertPool, error)
func IsPrivateKeyEncrypted(key []byte) (bool, error)
func ParsePrivateKey(keyPEM []byte, pwEnvKey string, pwReader Reader) (crypto.PrivateKey, error)
func PrintCertInfo(cert *x509.Certificate, depth int, w io.Writer)
type CertinfoConfig
- func NewCertinfoConfig() (*CertinfoConfig, error)
type InputReader
- func (InputReader) ReadFile(name string) ([]byte, error)
- func (InputReader) ReadPassword(fd int) ([]byte, error)
type Reader

Constants ¶

View Source

const (
	TLSTimeout      = 3 * time.Second
	CertExpWarnDays = 40
)

Variables ¶

View Source

var (
	TlsServerName string
	TlsInsecure   bool
)

Functions ¶

func CertsToTables ¶

func CertsToTables(w io.Writer, certs []*x509.Certificate)

func GetCertsFromBundle ¶

func GetCertsFromBundle(certBundlePath string, fileReader Reader) ([]*x509.Certificate, error)

func GetKeyFromFile ¶

func GetKeyFromFile(
	keyFilePath string,
	keyPwEnvVar string,
	inputReader Reader,
) (crypto.PrivateKey, error)

func GetRootCertsFromFile ¶

func GetRootCertsFromFile(caBundlePath string, fileReader Reader) (*x509.CertPool, error)

func GetRootCertsFromString ¶

func GetRootCertsFromString(caBundleString string) (*x509.CertPool, error)

func IsPrivateKeyEncrypted ¶

func IsPrivateKeyEncrypted(key []byte) (bool, error)

IsPrivateKeyEncrypted checks if the given PEM key is encrypted. It returns true if encrypted, false otherwise, and an error if decoding fails.

func ParsePrivateKey ¶

func ParsePrivateKey(keyPEM []byte, pwEnvKey string, pwReader Reader) (crypto.PrivateKey, error)

ParsePrivateKey parses a PEM-encoded private key and returns it as a crypto.PrivateKey.

Supported formats:

- PKCS#8 ("BEGIN PRIVATE KEY" / "BEGIN ENCRYPTED PRIVATE KEY") — decrypted with github.com/youmark/pkcs8

- PKCS#1 RSA ("BEGIN RSA PRIVATE KEY") — cleartext or PEM-encrypted (x509.DecryptPEMBlock)

- EC private keys ("BEGIN EC PRIVATE KEY") — cleartext or certain PKCS#8-encrypted ECDSA keys

If the PEM is encrypted the function will try to read the passphrase from the environment variable named by pwEnvKey; if that is empty it will prompt the user interactively.

The function returns a descriptive error if the PEM cannot be decoded, decryption/parsing fails, or the key format is unsupported.

func PrintCertInfo ¶

func PrintCertInfo(cert *x509.Certificate, depth int, w io.Writer)

Types ¶

type CertinfoConfig ¶

type CertinfoConfig struct {
	CACertsPool             *x509.CertPool
	CACertsFilePath         string
	CertsBundle             []*x509.Certificate
	CertsBundleFilePath     string
	CertsBundleFromKey      bool
	PrivKey                 crypto.PrivateKey
	PrivKeyFilePath         string
	TLSEndpoint             string
	TLSEndpointHost         string
	TLSEndpointPort         string
	TLSEndpointCerts        []*x509.Certificate
	TLSEndpointCertsFromKey bool
	TLSServerName           string
	TLSInsecure             bool
}

func NewCertinfoConfig ¶

func NewCertinfoConfig() (*CertinfoConfig, error)

func (*CertinfoConfig) GetRemoteCerts ¶

func (c *CertinfoConfig) GetRemoteCerts() error

func (*CertinfoConfig) PrintData ¶

func (c *CertinfoConfig) PrintData(w io.Writer) error

func (*CertinfoConfig) SetCaPoolFromFile ¶

func (c *CertinfoConfig) SetCaPoolFromFile(filePath string, fileReader Reader) error

func (*CertinfoConfig) SetCertsFromFile ¶

func (c *CertinfoConfig) SetCertsFromFile(filePath string, fileReader Reader) error

func (*CertinfoConfig) SetPrivateKeyFromFile ¶

func (c *CertinfoConfig) SetPrivateKeyFromFile(
	filePath string,
	keyPwEnvVar string,
	fileReader Reader,
) error

func (*CertinfoConfig) SetTLSEndpoint ¶

func (c *CertinfoConfig) SetTLSEndpoint(hostport string) error

func (*CertinfoConfig) SetTLSInsecure ¶

func (c *CertinfoConfig) SetTLSInsecure(skipVerify bool) *CertinfoConfig

func (*CertinfoConfig) SetTLSServerName ¶

func (c *CertinfoConfig) SetTLSServerName(serverName string) *CertinfoConfig

type InputReader ¶

type InputReader struct{}

func (InputReader) ReadFile ¶

func (InputReader) ReadFile(name string) ([]byte, error)

func (InputReader) ReadPassword ¶

func (InputReader) ReadPassword(fd int) ([]byte, error)

type Reader ¶

type Reader interface {
	ReadFile(name string) ([]byte, error)
	ReadPassword(fd int) ([]byte, error)
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL