Crypto

Index

All Crypto functions

| Name | Function header | Example | Result | Description | Errorhandling |
| --- | --- | --- | --- | --- | --- |
| buildCustomCert | func(b64cert string, b64key string) (certificate, error) | [[ $result := buildCustomCert $cert $key ]] | $result.Key / $result.Cert contains a new certificate signed by the CA | creates a custom certificate based on the CA. | [X] |
| derivePassword | func(counter uint32, passwordType string, password string, user string, site string) string | [[ $result := toString (derivePassword (int "12345") "maximum" "passwordtest" "max muster" "test.example.com") ]] | $result = "h0l74EUVH0Sr1TtHM55" | generates a password based on the input parameters. | |
| genCA | func(cn string, daysValid int) (certificate, error) | [[ $result := toString (genCA "testca.example.com" (int "3650")) ]] | $result.Key = "< CA private key >" / $result.Cert = "< CA Certificate >" | generates a digital certificate for a certificate authority (CA) | [X] |
| genPrivateKey | func(typ string) string | [[ $result := toString (genPrivateKey "") ]] | $result = "< private key >" | generates a private key based on the required key type, e.g. rsa / dsa / ecdsa | |
| genSelfSignedCert | func(cn string, ips []string, alternateDNS []string, daysValid int) (certificate, error) | [[ $result := genSelfSignedCert "test.example.com" (split "10.0.0.1,10.100.0.1" "," ) (split "san1.muster.max,example.com,ingrid.example.com" ",") 365 ]] | $result.Key = "< private key >" / $result.Cert = "< Certificate >" | generates a self-signed certificate based on several input parameters | [X] |
| genSignedCert | func(cn string, ips []string, alternateDNS []string, daysValid int, ca certificate) (certificate, error) | [[ $result := genSignedCert "test.example.com" (split "10.0.0.1,10.100.0.1" "," ) (split "san1.muster.max,example.com,ingrid.example.com" ",") 365 $ca ]] | $result.Key = "< private key >" / $result.Cert = "< Certificate >" | generates a signed certificate based on several input parameters and a certificate authority (CA) certificate | [X] |

buildCustomCert

func(b64cert string, b64key string) (certificate, error)

The buildCustomCert function creates a custom certificate based on the CA.

Examples


_comment Valid Testcases for ingrid document examples.
[[ $cacert := genCA  "example.com" 3650 ]]
[[ $key := b64enc (toByte $cacert.Key) ]]
[[ $cert := b64enc (toByte $cacert.Cert) ]]
[[ $result := buildCustomCert $cert $key ]]
$result.Cert = "-----BEGIN CERTIFICATE----- < content of certificate part > \n-----END CERTIFICATE-----\n"
$result.Key  = "-----BEGIN RSA PRIVATE KEY----- < content of private key part > \n-----END RSA PRIVATE KEY-----\n"
[[ $string1 := b64enc (toByte "-----BEGIN CERTIFICATE----- < Certificate >-----END CERTIFICATE-----\n") ]]
[[ $string2 := b64enc (toByte "-----BEGIN RSA PRIVATE KEY----- < private key >-----END RSA PRIVATE KEY-----\n") ]]
[[ $result := buildCustomCert $string1 $string2 ]]
$result.Cert = "-----BEGIN CERTIFICATE----- < content of certificate part > \n-----END CERTIFICATE-----\n"
$result.Key  = "-----BEGIN RSA PRIVATE KEY----- < content of private key part > \n-----END RSA PRIVATE KEY-----\n"

derivePassword

func(counter uint32, passwordType string, password string, user string, site string) string

The derivePassword function generates a password based on the input parameters.

Application notes / Limits:

  • Possible password types (passwordType) are:
    • maximum
    • long
    • medium
    • short
    • basic
    • pin

Examples


[[ $result := toString (derivePassword (int "12345") "maximum" "passwordtest" "max muster" "test.example.com") ]]
$result = "h0l74EUVH0Sr1TtHM55"

[[ $result := toString (derivePassword (int "12345") "long" "passwordtest" "max muster" "test.example.com") ]]
$result = "Sute6&CibyQelu"

[[ $result := toString (derivePassword (int "12345") "medium" "passwordtest" "max muster" "test.example.com") ]]
$result = "SutHec8%"

[[ $result := toString (derivePassword (int "12345") "short" "passwordtest" "max muster" "test.example.com") ]]
$result = "Sut1"

[[ $result := toString (derivePassword (int "12345") "basic" "passwordtest" "max muster" "test.example.com") ]]
$result = "hNW1UEr2"

[[ $result := toString (derivePassword (int "12345") "pin" "passwordtest" "max muster" "test.example.com") ]]
$result = "0431"

genCA

func(cn string, daysValid int) (certificate, error)

The genCA function generates a digital certificate for a certificate authority (CA).

Application notes / Limits:

Function-Field-Names

  • cn: common name

Examples


[[ $result := toString (genCA "testca.example.com" (int "3650")) ]]
$result.Cert = "-----BEGIN CERTIFICATE----- < content of ca certificate part >\n-----END CERTIFICATE-----\n"
$result.Key  = "-----BEGIN RSA PRIVATE KEY----- < content of private ca key part > \n-----END RSA PRIVATE KEY-----\n"

genPrivateKey

func(typ string) string

The genPrivateKey function generates a private key based on the required key type.

Application notes / Limits:

  • Functionfield: typ = key types. Following values are possible:

Examples


[[ $result := toString (genPrivateKey "") ]]
$result = "-----BEGIN RSA PRIVATE KEY----- < content of private key part > \n-----END RSA PRIVATE KEY-----\n"

[[ $result := toString (genPrivateKey "dsa") ]]
$result = "-----BEGIN DSA PRIVATE KEY----- < content of private key part > \n-----END DSA PRIVATE KEY-----\n"

[[ $result := toString (genPrivateKey "ecdsa") ]]
$result = "-----BEGIN EC PRIVATE KEY----- < content of private key part > \n-----END EC PRIVATE KEY-----\n"

[[ $result := toString (genPrivateKey "test.example.com") ]]
$result = "Unknown type test.example.com"

genSelfSignedCert

func(cn string, ips []string, alternateDNS []string, daysValid int) (certificate, error)

The genSelfSignedCert function generates a self-signed certificate based on several input parameters.

Application notes / Limits:

Function-Field-Names

  • cn: common name
  • ips: array of IP addresses
  • alternateDNS: Subject Alternative Names
  • daysValid: certificate validity period in days

Examples


_comment Result shows 2 output fields
[[ $result := genSelfSignedCert "test.example.com" (split "10.0.0.1,10.100.0.1" "," ) (split "san1.muster.max,example.com,ingrid.example.com" ",") 365 ]]
$result.Cert = "-----BEGIN CERTIFICATE----- < content of certificate part > \n-----END CERTIFICATE-----\n"
$result.Key  = "-----BEGIN RSA PRIVATE KEY----- < content of private key part > \n-----END RSA PRIVATE KEY-----\n"

genSignedCert

func(cn string, ips []string, alternateDNS []string, daysValid int, ca certificate) (certificate, error)

The genSignedCert function generates a signed certificate based on several input parameters and a certificate authority (CA) certificate.

Application notes / Limits:

Function-Field-Names

  • cn: common name
  • ips: array of IP addresses
  • alternateDNS: Subject Alternative Names
  • daysValid: certificate validity period in days
  • ca: contains the CA certificate with key and certificate

Examples


_comment Example 1
_comment based on a new CA-Cert
[[ $ca := genCA "example.com" 3650 ]]
[[ $result := genSignedCert "test.example.com" (split "10.0.0.1,10.100.0.1" "," ) (split "san1.muster.max,example.com,ingrid.example.com" ",") 365 $ca ]]
$result.Cert = "-----BEGIN CERTIFICATE----- < content of certificate part > \n-----END CERTIFICATE-----\n"
$result.Key  = "-----BEGIN RSA PRIVATE KEY----- < content of private key part > \n-----END RSA PRIVATE KEY-----\n"


_comment Example 2
_comment based on an existing CA-Cert, which uses the function buildCustomCert to prepare the CA for this genSignedCert function
[[ $cacert := b64enc (toByte "-----BEGIN CERTIFICATE----- < Certificate >-----END CERTIFICATE-----\n") ]]
[[ $cakey  := b64enc (toByte "-----BEGIN RSA PRIVATE KEY----- < private key >-----END RSA PRIVATE KEY-----\n") ]]
[[ $ca := buildCustomCert $cacert $cakey ]]
[[ $result := genSignedCert "test.example.com" (split "10.0.0.1,10.100.0.1" "," ) (split "san1.muster.max,example.com,ingrid.example.com" ",") 365 $ca ]]
_comment below is the result 
$result.Cert = "-----BEGIN CERTIFICATE----- < content of certificate part > \n-----END CERTIFICATE-----\n"
$result.Key  = "-----BEGIN RSA PRIVATE KEY----- < content of private key part > \n-----END RSA PRIVATE KEY-----\n"