simple

package
v0.5.5 Latest
Warning

This package is not in the latest version of its module.

Published: Jul 22, 2023 License: MIT Imports: 14 Imported by: 3

Documentation

Overview

Package simple provides a simple self-contained TLS Store

Constants

This section is empty.

Variables

This section is empty.

Functions

func FindInMap

func FindInMap(name string, m map[string]*list.List, once bool) []*tls.Certificate

FindInMap attempts to find matching tls.Certificate values on a MapList

func FindSupportedInMap

func FindSupportedInMap(chi *tls.ClientHelloInfo,
	name string, m map[string]*list.List) *tls.Certificate

FindSupportedInMap attempts to find a matching supported tls.Certificate on a MapList

func PairMatch added in v0.5.4

func PairMatch(cert *x509.Certificate, pk x509utils.PrivateKey) bool

PairMatch tells if the public key of a PrivateKey is the same as the one included in a *x509.Certificate

func PrivateKeyEqual added in v0.5.4

func PrivateKeyEqual(a, b x509utils.PrivateKey) bool

PrivateKeyEqual tells if two private keys are the same
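
The check that PairMatch and PrivateKeyEqual describe, sketched with only the Go standard library as an added example. This is not the package's own code: pairMatch, privateKeyEqual, selfSigned and demo are hypothetical names, crypto.Signer stands in for x509utils.PrivateKey, and the certificate is constructed in-process.

```go
package main

import (
	"crypto"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"fmt"
	"math/big"
	"time"
)

// pairMatch (hypothetical name): is key's public half the key in cert?
// Uses the Equal method every standard-library public key type implements.
func pairMatch(cert *x509.Certificate, key crypto.Signer) bool {
	pub, ok := key.Public().(interface{ Equal(crypto.PublicKey) bool })
	return ok && cert != nil && pub.Equal(cert.PublicKey)
}

// privateKeyEqual (hypothetical name) compares two private keys by value.
func privateKeyEqual(a, b crypto.Signer) bool {
	ak, ok := a.(interface{ Equal(crypto.PrivateKey) bool })
	return ok && ak.Equal(b)
}

// selfSigned builds a constructed, throwaway certificate for name.
func selfSigned(name string, key crypto.Signer) (*x509.Certificate, error) {
	tpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		DNSNames:     []string{name},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
	}
	der, err := x509.CreateCertificate(rand.Reader, tpl, tpl, key.Public(), key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// demo checks a certificate against its own key and an unrelated key.
func demo() (own, other, keyCmp bool, err error) {
	_, k1, _ := ed25519.GenerateKey(rand.Reader)
	_, k2, _ := ed25519.GenerateKey(rand.Reader)
	cert, err := selfSigned("example.test", k1)
	keyCmp = privateKeyEqual(k1, k1) && !privateKeyEqual(k1, k2)
	return pairMatch(cert, k1), pairMatch(cert, k2), keyCmp, err
}

func main() { fmt.Println(demo()) }
```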

Types

type Config

type Config struct {
	Base   x509utils.CertPooler
	Logger slog.Logger
}

Config is a custom factory for the Store allowing the usage of a Logger and a roots base different than what the system provides

func (*Config) New

func (c *Config) New(blocks ...string) (*Store, error)

New creates a Store using keys and certificates provided as files, directories, or direct PEM encoded content

type Getter

type Getter func(ctx context.Context,
	key x509utils.PrivateKey, name string) (*tls.Certificate, error)

A Getter is a helper to get a certificate for a name

type Store

type Store struct {
	// contains filtered or unexported fields
}

Store is a darvaza TLS Store that doesn't talk to any external service nor monitor for new files

func New

func New(blocks ...string) (*Store, error)

New creates a Store using a list of PEM blocks, filenames, or directories

func NewFromBuffer

func NewFromBuffer(pb *certpool.PoolBuffer, base x509utils.CertPooler) (*Store, error)

NewFromBuffer creates a Store from a given PoolBuffer

func (*Store) Delete

func (s *Store) Delete(_ context.Context, name string) error

Delete removes a certificate by name

func (*Store) DeleteCert

func (s *Store) DeleteCert(_ context.Context, cert *x509.Certificate) error

DeleteCert removes a certificate from the store

func (*Store) ForEach

func (s *Store) ForEach(ctx context.Context, f x509utils.StoreIterFunc) error

ForEach iterates over all stored certificates

func (*Store) Get

func (s *Store) Get(_ context.Context, name string) (*x509.Certificate, error)

Get gets from the Store a certificate matching the given name

func (*Store) GetCAPool

func (s *Store) GetCAPool() *x509.CertPool

GetCAPool returns a reference to the Certificates Pool

func (*Store) GetCertificate

func (s *Store) GetCertificate(chi *tls.ClientHelloInfo) (*tls.Certificate, error)

GetCertificate returns the TLS Certificate that should be used for a given TLS request

func (*Store) GetCertificateWithCallback

func (s *Store) GetCertificateWithCallback(chi *tls.ClientHelloInfo,
	getter Getter) (*tls.Certificate, error)

GetCertificateWithCallback returns the TLS Certificate that should be used for a given TLS request. If one isn't available, it uses a callback to acquire one

func (*Store) Put

func (s *Store) Put(_ context.Context, name string, cert *x509.Certificate) error

Put adds a certificate to the store
