CreateCertificate creates a new X.509 v3 certificate based on a template.

CreateCertificateRequest creates a new certificate request based on a template.

CreateRevocationList creates a new X.509 v2 Certificate Revocation List, according to RFC 5280, based on template.

DecryptPEMBlock takes a PEM block encrypted according to RFC 1423 and the password used to encrypt it and returns a slice of decrypted DER encoded bytes.

EncryptPEMBlock returns a PEM block of the specified type holding the given DER encoded data encrypted with the specified algorithm and password according to RFC 1423.

IsEncryptedPEMBlock returns whether the PEM block is password encrypted according to RFC 1423.

MarshalCSRResponse marshals a CSRResponse to DER format.

MarshalECPrivateKey converts an EC private key to SEC 1, ASN.1 DER form.

MarshalPKCS1PrivateKey converts an RSA private key to PKCS #1, ASN.1 DER form.

MarshalPKCS1PublicKey converts an RSA public key to PKCS #1, ASN.1 DER form.

MarshalPKCS8PrivateKey converts a private key to PKCS #8, ASN.1 DER form.

MarshalPKIXPublicKey converts a public key to PKIX, ASN.1 DER form.

MarshalSM2PrivateKey convient method to marshal sm2 private key directly.

NewCertPool returns a new, empty CertPool.

ParseCertificate parses a single certificate from the given ASN.1 DER data.

ParseCertificateRequest parses a single certificate request from the given ASN.1 DER data.

ParseCertificateRequestPEM parses a single certificate request from the given PEM data.

ParseCertificates parses one or more certificates from the given ASN.1 DER data.

ParseCRL parses a CRL from the given bytes.

ParseCSRResponse parses a CSRResponse from DER format.

ParseDERCRL parses a DER encoded CRL from the given bytes.

ParseECPrivateKey parses an EC private key in SEC 1, ASN.1 DER form.

ParseName parses a DER encoded Name as defined in RFC 5280.

ParsePKCS1PrivateKey parses an RSA private key in PKCS #1, ASN.1 DER form.

ParsePKCS1PublicKey parses an RSA public key in PKCS #1, ASN.1 DER form.

ParsePKCS8PrivateKey parses an unencrypted private key in PKCS #8, ASN.1 DER form.

ParsePKIXPublicKey parses a public key in PKIX, ASN.1 DER form.

ParseSM2PrivateKey parses an SM2 private key in SEC 1, ASN.1 DER form.

ParseTypedECPrivateKey parses an EC private key in SEC 1, ASN.1 DER form.

SetFallbackRoots sets the roots to use during certificate verification, if no custom roots are specified and a platform verifier or a system certificate pool is not available (for instance in a container which does not have a root certificate bundle).

SystemCertPool returns a copy of the system cert pool.

Only supported for parsing.

Unsupported.

Unsupported.

Only supported for signing, and verification of CRLs, CSRs, and OCSP responses.

Unsupported.

Only supported for signing, not verification.

Possible values for the EncryptPEMBlock encryption algorithm.

Possible values for the EncryptPEMBlock encryption algorithm.

Possible values for the EncryptPEMBlock encryption algorithm.

Possible values for the EncryptPEMBlock encryption algorithm.

Possible values for the EncryptPEMBlock encryption algorithm.

Possible values for the EncryptPEMBlock encryption algorithm.

Only supported for signing, and verification of CRLs, CSRs, and OCSP responses.

Make sure the vaule is not conflict with x509.SignatureAlgorithm.

IncorrectPasswordError is returned when an incorrect password is detected.

CertPool is a set of certificates.

CSRResponse represents the response of a certificate signing request.

UnknownAuthorityError results when the certificate issuer is unknown.

VerifyOptions contains parameters for Certificate.Verify.

A Certificate represents an X.509 certificate.

CertificateRequest represents a PKCS #10, certificate signature request.

ExtKeyUsage represents an extended set of actions that are valid for a given key.

KeyUsage represents the set of actions that are valid for a given key.