Skip to content

Commit

Permalink
README wordsmithing
Browse files Browse the repository at this point in the history 
PiperOrigin-RevId: 354942140
  • Loading branch information
@ItsMattL @copybara-github
ItsMattL authored and copybara-github committed Feb 1, 2021
1 parent 86e39eb commit 0aa141e
Showing 1 changed file with 26 additions and 26 deletions.
52 changes: 26 additions & 26 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,39 +2,39 @@

[![Go Tests](https://github.com/google/certtostore/workflows/Go%20Tests/badge.svg)](https://github.com/google/certtostore/actions?query=workflow%3A%22Go+Tests%22)

CertToStore is a Multi-Platform package that allows you to work with x509
CertToStore is a multi-platform package that allows you to work with x509
certificates on Linux and the certificate store on Windows.

[TOC]

## Why CertToStore?

CertToStore was created to solve some specific problems when working with
certificates using Go. Ever wanted to create public/private key
pairs using the TPM or create certificate requests using TPM backed keys?
Both are possible using CertToStore on Windows. Linux support is also planned.

__Native Certificate Store Access without the prompts__
Certificate storage in CertToStore under Windows uses the certificate
store by using native Windows calls. By using native functionality, you won't
see the all to common "do you want to import this certificate?" when installing
certificates using certtostore.

Additionally, you can lookup and use existing certificates with their private
keys through CNG, regardless of how they were issued (TPM or Software backed).

__Built-in support for Cryptography API: Next Generation (CNG)__
CertToStore under Windows was built from the ground up to use Microsoft's
Cryptography API: Next Generation (CNG). This grants certificates generated,
requested, and stored using CertToStore the ability to use your computer's TPM
to safely store private key material safely.

__Compatibile with packages that use x509.Certificate__
x509 compatible certs means that you can use private keys and certificates
generated by CertToStore with just about anything else in Go that works with
certificates. Want to generate certificate requests using the TPM, and send them
to your own third-party CA? Have a Go based web server that you want to use with
a TPM backed certificate? Sure thing.
certificates using Go. Ever wanted to create public/private key pairs using the
TPM or create certificate requests using TPM backed keys? Both are possible
using CertToStore on Windows.

__Native Certificate Store Access without the prompts__ Certificate storage in
CertToStore under Windows is implemented using native Windows API calls. This
makes the package efficient and avoids problematic user prompts and
interactions.

With CertToStore, you can also lookup and use existing certificates with their
private keys through CNG, regardless of how they were issued (TPM or Software
backed).

__Built-in support for Cryptography API: Next Generation (CNG)__ CertToStore for
Windows was built from the ground up to use Microsoft's Cryptography API: Next
Generation (CNG). This grants certificates generated, requested, and stored
using CertToStore the ability to use your computer's TPM to store private key
material safely.

__Compatibile with packages that use x509.Certificate__ Certificates managed by
CertToStore are compatible with other packages that use
[x509.Certificate](https://golang.org/pkg/crypto/x509/). Want to generate
certificate requests using the TPM, and send them to your own third-party CA?
Have a Go based web server that you want to use with a TPM backed certificate?
Sure thing.

## Contact

Expand Down

0 comments on commit 0aa141e

Please sign in to comment.