package
0.0.0-20230116212949-c94e5b33ee62
Repository: https://github.com/tcfw/ocs.git
Documentation: pkg.go.dev
# Functions
GenerateCRYSTALSDilithiumKey generates a CRYSTALS Dilithium key pair at the given security level of 2, 3 or 5.
GenerateECKey generates a new private/public key from a given accepted OCS curve based algorithm.
GenerateEd25519Key generates a new Ed25519 based public/private key.
GenerateRSAKey generates a new RSA public/private key.
MarshalEncryptedPrivateKey encodes and encrypts a private key with AES-256-GCM.
MarshalPEMPrivateKey encodes a private key to PEM format.
MarshalPEMRawPrivateKey encodes a marshalled private key to PEM format.
MarshalPrivateKey encodes a private key into msgpack encoding.
No description provided by the author
NewCertificate generates a new OCS certificate based on a template, a public certificate and a signing private certificate.
The following template fields are preserved:
- Subject
- Entity and all child values
- Revoked
- NotAfter, if it is not zero and is not over 365 days in the future from the current time.
NewInMemCertPool inits a new in-memory cert pool.
No description provided by the author
ParseCertificate decodes a msgpack encoded certificate.
ParseECPublicKey decodes an elliptic curve based public key.
ParseED25519PublicKey decodes an ED25519 public key.
ParseEncryptedPrivateKey decrypts and decodes a private key using AES-256-GCM.
ParsePEMCertificate parses a certificate from a PEM block format also returning the next PEM block if available.
ParsePEMPrivateKey parses a non-encrypted PEM encoded file.
ParsePrivateKey unmarshals the private key raw data.
ParsePublicKey unmarshals a public key.
ParseRSAPublicKey decodes an RSA public key. TODO(tcfw) - decode using msgpack instead of ASN.1.
No description provided by the author
# Constants
No description provided by the author
CRYSTALS-DILITHIUM-2.
CRYSTALS-DILITHIUM-3.
CRYSTALS-DILITHIUM-5.
ECDSAsecp256r1 secp256r1 or NIST P-256.
ECDSAsecp384r1 secp384r1 or NIST P-384.
ED25519 Ed25519/curve25519.
IndirectlyTrusted represents a certificate which is not immediately trusted, but is trusted by another certificate the system trusts (WOT).
MultiPKI multiple CAs.
NotTrusted represents an explicitly untrusted certificate.
PEMCertHeader PEM block header for certificates.
PEMEncPrivKeyHeader PEM block header for encrypted private keys.
PEMPrivKeyHeader PEM block header for private keys.
PKI general single CA.
RSA2048 RSA 2048 bits.
RSA4096 RSA 4096 bits.
No description provided by the author
Trusted represents a certificate the system trusts, but not a certificate the immediate system created.
UltimatelyTrusted represents a certificate that the local system has created.
UnknownAlgo unknown or not set.
UnknownCertType unknown or not set.
No description provided by the author
UnknownTrust represents an unknown or incomplete state of trust.
WOT Web of trust.
# Variables
ErrAlreadySigned already signed by this key.
ErrNoMatchingSignatures no matching signatures.
ErrRevoked when a certificate either immediately or in the chain is revoked.
ErrTooManySignatures too many signatures.
ErrUnknownKeyAlgorithm unknown key algorithm.
ErrUnknownPEMType unknown PEM block header type.
ErrUntrustedCertificate when a certificate is untrusted explicitly.
# Structs
Certificate an OCS certificate representation.
CRYSTALSDilithiumPrivate CRYSTALS Dilithium Private Key.
CRYSTALSDilithiumPublic CRYSTALS Dilithium Public Key.
ECDSASignature representation of an unpacked ECDSA signature.
Ed25519Private wrapper of an Ed25519 pub/priv key.
Entity provides personal or business information in the certificate.
Extension certificate extensions.
InMemCertPool an in-memory certificate pool useful for tests.
No description provided by the author
RSAPrivateKey representation of an RSA private key.
RSAPublicKey representation of an RSA public key.
SecpPrivateKey wrapper for ECDSA private keys.
SecpPublicKey wrapper for an ECDSA public key.
Signature signatures provided by peers or CAs.
No description provided by the author
# Interfaces
CertFinder finds certificates from IDs.
CertPool provides a means of validating certificates.
CertRevokeChecker checks if a certificate is revoked by ID.
CertTrustStore provides system trust levels on a given certificate by ID.
PrivateKey to create signatures.
PublicKey an OCS compatible public key.
# Type aliases
Algorithm available cryptographic algorithms.
CertificateType the type of certificate chain verifying/signing infrastructure.
Ed25519Public wrapper of Ed25519 public key.
ExtensionType extension type reference.
TrustLevel represents a user specified or system level of trust on a certificate.