Imports

../../crypto/crypto, ../../errors, certificate_ffi, ../../peerid

Types

CertificateCreationError = object of TLSCertificateError: Source Edit
CertificateParsingError = object of TLSCertificateError: Source Edit
CertificatePubKeySerializationError = object of TLSCertificateError: Source Edit
CertificateX509 = object certificate*: seq[byte] privateKey*: seq[byte]: Source Edit
EncodingFormat = enum DER, PEM: Source Edit
IdentityPubKeySerializationError = object of TLSCertificateError: Source Edit
IdentitySigningError = object of TLSCertificateError: Source Edit
KeyGenerationError = object of TLSCertificateError: Source Edit
P2pCertificate = object extension*: P2pExtension pubKeyDer: seq[byte] validFrom: Time validTo: Time: Source Edit
P2pExtension = object publicKey*: seq[byte] signature*: seq[byte]: Source Edit
TLSCertificateError = object of LPError: Source Edit

Procs

proc generateX509(identityKeyPair: KeyPair;
                  validFrom: Time = fromUnix(157813200);
                  validTo: Time = fromUnix(67090165200'i64);
                  encodingFormat: EncodingFormat = EncodingFormat.DER): CertificateX509 {....raises: [
    KeyGenerationError, IdentitySigningError, IdentityPubKeySerializationError,
    CertificateCreationError, CertificatePubKeySerializationError],
    tags: [RootEffect].}

Generates a self-signed X.509 certificate with the libp2p extension.

Parameters:

identityKeyPair: The peer's identity key pair.
encodingFormat: The encoding format of generated certificate.

Returns: A tuple containing:

raw - The certificate content (encoded using encodingFormat).
privateKey - The private key.

Raises:

KeyGenerationError if key generation fails.
CertificateCreationError if certificate creation fails.

Source Edit

proc parse(certificateDer: seq[byte]): P2pCertificate {.
    ...raises: [CertificateParsingError], tags: [TimeEffect].}

Parses a DER-encoded certificate and extracts the P2pCertificate.

Parameters:

certificateDer: The DER-encoded certificate bytes.

Returns: A P2pCertificate object containing the certificate and its libp2p extension.

Raises:

CertificateParsingError if certificate parsing fails.

Source Edit

proc parseCertTime(certTime: string): Time {....raises: [TimeParseError],
    tags: [TimeEffect].}

Source Edit

func peerId(cert: P2pCertificate): PeerId {....raises: [LPError],
    tags: [RootEffect].}

Source Edit

func publicKey(cert: P2pCertificate): PublicKey {....raises: [], tags: [RootEffect].}

Source Edit

proc verify(self: P2pCertificate): bool {....raises: [],
    tags: [TimeEffect, RootEffect].}

Verifies that P2pCertificate has signature that was signed by owner of the certificate.

Parameters:

self: The P2pCertificate.

Returns: true if certificate is valid.

Source Edit

libp2p/transports/tls/certificate

Imports

Types

Procs