safetlsa

package module

v0.0.4 Latest Latest Go to latest Published: Aug 25, 2021 License: GPL-3.0 Imports: 15 Imported by: 2

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/namecoin/safetlsa

Links

Open Source Insights

README ¶

safetlsa

safetlsa is a library that generates TLS certificates from TLSA records that are safe to use as trust anchors. It uses name constraints and dehydrated certificates to eliminate most of the attack surface of the X.509 specification.

Projects who use safetlsa

Send a pull request if you'd like to be included.

TODO

Licence

safetlsa is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

safetlsa is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with safetlsa. If not, see https://www.gnu.org/licenses/.

Documentation ¶

Index ¶

func GenerateDomainCA(domain string, publicKeyBytes []byte, parentDERBytes []byte, ...) ([]byte, error)
func GenerateRootCA(commonNamePrefix string) ([]byte, interface{}, error)
func GenerateTLDCA(domain string, parentDERBytes []byte, parentPrivateKey interface{}) ([]byte, interface{}, error)
func GenerateTLDExclusionCA(domain string, parentDERBytes []byte, parentPrivateKey interface{}) ([]byte, interface{}, error)
func GetCertFromTLSA(domain string, tlsa *dns.TLSA, parentDERBytes []byte, ...) ([]byte, error)
func ValidityShortTerm() time.Duration

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GenerateDomainCA ¶

func GenerateDomainCA(domain string, publicKeyBytes []byte, parentDERBytes []byte, parentPrivateKey interface{}) ([]byte, error)

Returns cert, error nolint: lll

func GenerateRootCA ¶

func GenerateRootCA(commonNamePrefix string) ([]byte, interface{}, error)

Returns cert, private key, error nolint: lll

func GenerateTLDCA ¶

func GenerateTLDCA(domain string, parentDERBytes []byte, parentPrivateKey interface{}) ([]byte, interface{}, error)

Returns cert, private key, error nolint: lll

func GenerateTLDExclusionCA ¶

func GenerateTLDExclusionCA(domain string, parentDERBytes []byte, parentPrivateKey interface{}) ([]byte, interface{}, error)

Returns cert, private key, error nolint: lll

func GetCertFromTLSA ¶

func GetCertFromTLSA(domain string, tlsa *dns.TLSA, parentDERBytes []byte, parentPrivateKey interface{}) ([]byte, error)

func ValidityShortTerm ¶ added in v0.0.4

func ValidityShortTerm() time.Duration

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL