addExtKeyUsageOids adds custom extended key usage OIDs to certificate.

addKeyUsages adds appropriate key usages to the template given the creation information.

addPolicyIdentifiers adds certificate policies extension .

ComparePublicKeys compares two public keys and returns true if they match.

Performs the heavy lifting of creating a certificate.

Creates a CSR.

GeneratePrivateKey generates a private key with the specified type and key bits.

GenerateSerialNumber generates a serial number suitable for a certificate.

GetHexFormatted returns the byte buffer formatted in hex with the specified separator between bytes.

GetSubjKeyID returns the subject key ID, e.g.

ParseHexFormatted returns the raw bytes from a formatted hex string.

ParsePEMBundle takes a string of concatenated PEM-format certificate and private key values and decodes/parses them, checking validity along the way.

ParsePKIJSON takes a JSON-encoded string and returns a ParsedCertBundle.

ParsePKIMap takes a map (for instance, the Secret.Data returned from the PKI grpc-backend) and returns a ParsedCertBundle.

ParsePublicKeyPEM is used to parse RSA and ECDSA public keys from PEMs.

Performs the heavy lifting of generating a certificate from a CSR.

Well-known formats.

Well-known PrivateKeyTypes.

Well-known formats.

Well-known formats.

Well-known PrivateKeyTypes.

Well-known TLSUsage types.

Well-known TLSUsage types.

Well-known TLSUsage types.

Well-known PrivateKeyTypes.

CertBlock contains the DER-encoded certificate and the PEM block's byte array.

CertBundle contains a key type, a PEM-encoded private key, a PEM-encoded certificate, and a string-encoded serial number, returned from a successful Issue request.

This can be one of a few key types so the different params may or may not be filled.

CSRBundle contains a key type, a PEM-encoded private key, and a PEM-encoded CSR.

IssueData is a structure that is suitable for marshaling into a request; either via JSON, or into a map[string]interface{} via the structs package.

ParsedCertBundle contains a key type, a DER-encoded private key, and a DER-encoded certificate.

ParsedCSRBundle contains a key type, a DER-encoded private key, and a DER-encoded certificate request.

Secret is used to attempt to unmarshal a secret JSON response, as a convenience.

ParsedPrivateKeyContainer allows common key setting for certs and CSRs.

BlockType indicates the serialization format of the key.

PrivateKeyType holds a string representation of the type of private key (ec or rsa) referenced in CertBundle and ParsedCertBundle.

TLSUsage controls whether the intended usage of a *tls.Config returned from ParsedCertBundle.getTLSConfig is for server use, client use, or both, which affects which values are set.