// github.com/haraldrudell/parl@v0.4.176/if-pki.go

/*
© 2022–present Harald Rudell <harald.rudell@gmail.com> (https://haraldrudell.github.io/haraldrudell/)
ISC License
*/

package parl

import (
	"crypto"
	"crypto/x509"
)

// Certificate is a certificate that can be obtained in DER or PEM encoding
// or as a parsed x509.Certificate.
type Certificate interface {
	// DER returns the certificate as DER-encoded bytes.
	DER() (der CertificateDer)
	// PEM returns the certificate as PEM-encoded bytes.
	PEM() (pemBytes PemBytes)
	// ParseCertificate returns the certificate as an *x509.Certificate, or err on failure.
	//   - NOTE(review): the signature yields only a parsed value and an error;
	//     nothing in this file indicates that chain, validity-period or
	//     revocation checks are performed. Callers making a trust decision
	//     should verify separately (x509.Certificate.Verify) — confirm
	//     against the implementation
	ParseCertificate() (certificate *x509.Certificate, err error)
}

// CertificateAuthority is a certificate paired with a private key that can
// sign certificates for other public keys.
type CertificateAuthority interface {
	// Check gets the x509.Certificate version of the authority's certificate.
	//   - NOTE(review): the name suggests some validation takes place; what is
	//     checked is not visible in this file — confirm
	Check() (cert *x509.Certificate, err error)
	// DER returns untyped bytes, der: Distinguished Encoding Rules binary format.
	DER() (certificateDer CertificateDer)
	// Sign returns a DER-encoded certificate for template and publicKey.
	//   - presumably the result is signed with the authority's private key — confirm
	//   - the interface places no restriction on template fields such as IsCA,
	//     KeyUsage or NotAfter. If template is derived from another party's
	//     request, those fields should be validated before Sign is invoked;
	//     verify whether implementations enforce anything themselves
	Sign(template *x509.Certificate, publicKey crypto.PublicKey) (certDER CertificateDer, err error)
	// PEM returns the authority's certificate as PEM-encoded bytes.
	PEM() (pemBytes PemBytes)
	// Private returns the authority's private key.
	//   - the returned PrivateKey can sign and, through its DER and PEM methods,
	//     export key material: any code handed a CertificateAuthority value can
	//     obtain the signing key. Pass this interface only to code that is
	//     trusted with the key itself
	Private() (privateKey PrivateKey)
}

// PrivateKey implements crypto.Signer and can therefore be used as tls.Certificate.PrivateKey
//   - DER, DERe, PEM and PEMe return the key material itself. Nothing in this
//     file indicates the encodings are encrypted, so the returned bytes should
//     be handled as secrets: kept out of logs and error messages, and written
//     only to storage with restrictive permissions
//   - because export is part of the interface, an implementation backed by a
//     non-exportable key can signal that only through the err result of DER
//     and PEM; DERe and PEMe have no error result
type PrivateKey interface {
	crypto.Signer // Public() Sign()
	// DER returns untyped key material, both private and public keys.
	DER() (privateKeyDer PrivateKeyDer, err error)
	// DERe is DER without an error result.
	//   - NOTE(review): how an encoding failure is reported (panic or empty
	//     result) is not visible in this file — confirm
	DERe() (privateKeyDer PrivateKeyDer)
	// PEM returns the key as PEM-encoded bytes.
	PEM() (pemBytes PemBytes, err error)
	// PEMe is PEM without an error result.
	//   - NOTE(review): failure behavior is not visible in this file — confirm
	PEMe() (pemBytes PemBytes)
	// PublicKey returns the public half of the key pair.
	PublicKey() (publicKey PublicKey)
	// Algo returns the key's algorithm as an x509.PublicKeyAlgorithm.
	Algo() (algo x509.PublicKeyAlgorithm)
	// Validate ensures the private key is present, modeled after rsa.Validate
	Validate() (err error)
}

// PublicKey contains a public key extracted from a KeyPair
type PublicKey interface {
	// DER returns the public key as DER-encoded bytes.
	DER() (publicKeyDer PublicKeyDer, err error)
	// DERe is DER without an error result.
	//   - NOTE(review): failure behavior is not visible in this file — confirm
	DERe() (publicKeyDer PublicKeyDer)
	// PEM returns the public key as PEM-encoded bytes.
	PEM() (pemBytes PemBytes, err error)
	// PEMe is PEM without an error result.
	//   - NOTE(review): failure behavior is not visible in this file — confirm
	PEMe() (pemBytes PemBytes)
	// Equal reports whether x is the same public key.
	Equal(x crypto.PublicKey) (isEqual bool)
	// Algo returns the key's algorithm as an x509.PublicKeyAlgorithm.
	Algo() (algo x509.PublicKeyAlgorithm)
}

// CertificateDer is a binary encoding of a certificate.
// der: Distinguished Encoding Rules is a binary format based on ASN.1.
type CertificateDer []byte

// PublicKeyDer is a binary encoding of a public key
type PublicKeyDer []byte

// PrivateKeyDer is a binary encoding of a private and public key-pair
//   - values of this type are key material. Nothing in this file indicates
//     the encoding is encrypted, so they should be treated as secrets and
//     kept out of logs, error messages and world-readable files
type PrivateKeyDer []byte

// PemBytes is a 7-bit ascii string representing keys or certificates
//   - the same type carries both private-key PEM (PrivateKey.PEM) and
//     certificate PEM (Certificate.PEM), so the type alone does not tell a
//     reader whether a value is secret; code that logs or persists PemBytes
//     has to track where the value came from
type PemBytes []byte

// PrivateKeyFactory creates private keys for a requested public-key algorithm.
//   - algo selects the algorithm only; key size, curve and the randomness
//     source are not parameters here and are presumably chosen by the
//     implementation — confirm they meet the deployment's requirements
type PrivateKeyFactory interface {
	// NewPrivateKey returns a new private key for algo, or err on failure.
	NewPrivateKey(algo x509.PublicKeyAlgorithm) (privateKey PrivateKey, err error)
}