github.com/cockroachdb/cockroach@v20.2.0-alpha.1+incompatible/pkg/security/utils.go

github.com/cockroachdb/cockroach@v20.2.0-alpha.1+incompatible/pkg/security/utils.go (about)

     1  // Copyright 2017 The Cockroach Authors.
     2  //
     3  // Use of this software is governed by the Business Source License
     4  // included in the file licenses/BSL.txt.
     5  //
     6  // As of the Change Date specified in that file, in accordance with
     7  // the Business Source License, use of this software will be governed
     8  // by the Apache License, Version 2.0, included in the file
     9  // licenses/APL.txt.
    10  
    11  package security
    12  
    13  import "crypto/x509"
    14  
    15  // KeyUsageToString returns the list of key usages described by the bitmask.
    16  // This list may not up-to-date with https://golang.org/pkg/crypto/x509/#KeyUsage
    17  func KeyUsageToString(ku x509.KeyUsage) []string {
    18  	ret := make([]string, 0)
    19  	if ku&x509.KeyUsageDigitalSignature != 0 {
    20  		ret = append(ret, "DigitalSignature")
    21  	}
    22  	if ku&x509.KeyUsageContentCommitment != 0 {
    23  		ret = append(ret, "ContentCommitment")
    24  	}
    25  	if ku&x509.KeyUsageKeyEncipherment != 0 {
    26  		ret = append(ret, "KeyEncipherment")
    27  	}
    28  	if ku&x509.KeyUsageDataEncipherment != 0 {
    29  		ret = append(ret, "DataEncirpherment")
    30  	}
    31  	if ku&x509.KeyUsageKeyAgreement != 0 {
    32  		ret = append(ret, "KeyAgreement")
    33  	}
    34  	if ku&x509.KeyUsageCertSign != 0 {
    35  		ret = append(ret, "CertSign")
    36  	}
    37  	if ku&x509.KeyUsageCRLSign != 0 {
    38  		ret = append(ret, "CRLSign")
    39  	}
    40  	if ku&x509.KeyUsageEncipherOnly != 0 {
    41  		ret = append(ret, "EncipherOnly")
    42  	}
    43  	if ku&x509.KeyUsageDecipherOnly != 0 {
    44  		ret = append(ret, "DecipherOnly")
    45  	}
    46  
    47  	return ret
    48  }
    49  
    50  // ExtKeyUsageToString converts a x509.ExtKeyUsage to a string, returning "unknown" if
    51  // the list is not up-to-date.
    52  func ExtKeyUsageToString(eku x509.ExtKeyUsage) string {
    53  	switch eku {
    54  
    55  	case x509.ExtKeyUsageAny:
    56  		return "Any"
    57  	case x509.ExtKeyUsageServerAuth:
    58  		return "ServerAuth"
    59  	case x509.ExtKeyUsageClientAuth:
    60  		return "ClientAuth"
    61  	case x509.ExtKeyUsageCodeSigning:
    62  		return "CodeSigning"
    63  	case x509.ExtKeyUsageEmailProtection:
    64  		return "EmailProtection"
    65  	case x509.ExtKeyUsageIPSECEndSystem:
    66  		return "IPSECEndSystem"
    67  	case x509.ExtKeyUsageIPSECTunnel:
    68  		return "IPSECTunnel"
    69  	case x509.ExtKeyUsageIPSECUser:
    70  		return "IPSECUser"
    71  	case x509.ExtKeyUsageTimeStamping:
    72  		return "TimeStamping"
    73  	case x509.ExtKeyUsageOCSPSigning:
    74  		return "OCSPSigning"
    75  	case x509.ExtKeyUsageMicrosoftServerGatedCrypto:
    76  		return "MicrosoftServerGatedCrypto"
    77  	case x509.ExtKeyUsageNetscapeServerGatedCrypto:
    78  		return "NetscapeServerGatedCrypto"
    79  	default:
    80  		return "unknown"
    81  	}
    82  }