Documentation
Overview
Package simple provides a simple self-contained TLS Store
Index
- func FindInMap(name string, m map[string]*list.List, once bool) []*tls.Certificate
- func FindSupportedInMap(chi *tls.ClientHelloInfo, name string, m map[string]*list.List) *tls.Certificate
- type Config
- type Getter
- type Store
- func (s *Store) Delete(_ context.Context, name string) error
- func (s *Store) DeleteCert(_ context.Context, cert *x509.Certificate) error
- func (s *Store) ForEach(ctx context.Context, f x509utils.StoreIterFunc) error
- func (s *Store) Get(_ context.Context, name string) (*x509.Certificate, error)
- func (s *Store) GetCAPool() *x509.CertPool
- func (s *Store) GetCertificate(chi *tls.ClientHelloInfo) (*tls.Certificate, error)
- func (s *Store) GetCertificateWithCallback(chi *tls.ClientHelloInfo, getter Getter) (*tls.Certificate, error)
- func (s *Store) Put(_ context.Context, name string, cert *x509.Certificate) error
Constants
This section is empty.
Variables
This section is empty.
Functions
func FindSupportedInMap
func FindSupportedInMap(chi *tls.ClientHelloInfo, name string, m map[string]*list.List) *tls.Certificate
FindSupportedInMap attempts to find a matching supported tls.Certificate on a MapList
Types
type Config
type Config struct {
	Base   x509utils.CertPooler
	Logger slog.Logger
}
Config is a custom factory for the Store, allowing the use of a Logger and a roots base different from what the system provides
type Getter
type Getter func(ctx context.Context, key x509utils.PrivateKey, name string) (*tls.Certificate, error)
A Getter is a helper to get a certificate for a name
type Store
type Store struct {
// contains filtered or unexported fields
}
Store is a darvaza TLS Store that doesn't talk to any external service or monitor for new files
func NewFromBuffer
func NewFromBuffer(pb *certpool.PoolBuffer, base x509utils.CertPooler) (*Store, error)
NewFromBuffer creates a Store from a given PoolBuffer
func (*Store) DeleteCert
DeleteCert removes a certificate from the store
func (*Store) GetCertificate
func (s *Store) GetCertificate(chi *tls.ClientHelloInfo) (*tls.Certificate, error)
GetCertificate returns the TLS Certificate that should be used for a given TLS request
func (*Store) GetCertificateWithCallback
func (s *Store) GetCertificateWithCallback(chi *tls.ClientHelloInfo, getter Getter) (*tls.Certificate, error)
GetCertificateWithCallback returns the TLS Certificate that should be used for a given TLS request. If one isn't available, it uses a callback to acquire one