buffer

package
v0.5.0
Warning

This package is not in the latest version of its module.
Published: Jan 13, 2025 License: MIT Imports: 14 Imported by: 0

Documentation

Overview

Package buffer provides helpers to decode PEM files, populate a [tls.StoreWriter], and work with key and cert sets.

Constants

This section is empty.

Variables

This section is empty.

Functions

func InitCertSet

func InitCertSet(out *CertSet, certs ...*tls.Certificate) error

InitCertSet initializes a preallocated CertSet.

func InitKeySet

func InitKeySet(out *KeySet, keys ...x509utils.PrivateKey) error

InitKeySet initializes a preallocated KeySet.

func IsCancelled added in v0.4.5

func IsCancelled(err error) bool

IsCancelled indicates the error represents a context cancellation or expiration.

func IsExists added in v0.4.5

func IsExists(err error) bool

IsExists indicates the error means something already exists.

func MustInitCertSet

func MustInitCertSet(out *CertSet, certs ...*tls.Certificate)

MustInitCertSet is like InitCertSet but panics on errors.

func MustInitKeySet

func MustInitKeySet(out *KeySet, keys ...x509utils.PrivateKey)

MustInitKeySet is like InitKeySet but panics on errors.

Types

type Buffer added in v0.4.5

type Buffer struct {
	// contains filtered or unexported fields
}

Buffer is a PEM decoding buffer to populate a [tls.StoreWriter].

func New added in v0.4.5

func New(ctx context.Context, logger slog.Logger) *Buffer

New creates a PEM decoding Buffer to populate a [tls.StoreWriter].

func (*Buffer) AddCACerts added in v0.4.5

func (buf *Buffer) AddCACerts(ctx context.Context, out tls.StoreX509Writer) (int, error)

AddCACerts adds all certificates in the Buffer to the [tls.Store] as trusted CAs.

func (*Buffer) AddCert added in v0.4.5

func (buf *Buffer) AddCert(ctx context.Context, out tls.StoreX509Writer) (int, error)

AddCert adds all certificates in the Buffer to the [tls.Store].

func (*Buffer) AddCertPair added in v0.4.5

func (buf *Buffer) AddCertPair(ctx context.Context, out tls.StoreX509Writer) (int, error)

AddCertPair adds all certificates in the Buffer to the [tls.Store], considering intermediate certificates in the Source and a private key anywhere in the Buffer.

func (*Buffer) AddPrivateKey added in v0.4.5

func (buf *Buffer) AddPrivateKey(ctx context.Context, out tls.StoreX509Writer) (int, error)

AddPrivateKey adds all private keys in the Buffer to the [tls.Store].

func (*Buffer) Certs added in v0.4.5

func (buf *Buffer) Certs() *certpool.CertSet

Certs returns the certpool.CertSet containing all X.509 certificates in the Buffer.

func (*Buffer) Clone added in v0.4.5

func (buf *Buffer) Clone() *Buffer

Clone creates a copy of the Buffer. It returns nil if the receiver is nil or if it fails to initialize.

func (*Buffer) ForEach added in v0.4.5

func (buf *Buffer) ForEach(fn ForEachIterFunc)

ForEach calls a function for each processed source.

func (*Buffer) Keys added in v0.4.5

func (buf *Buffer) Keys() *KeySet

Keys returns the [basic.KeySet] containing all private keys in the Buffer.

func (*Buffer) NewAddCallback added in v0.4.5

func (buf *Buffer) NewAddCallback() x509utils.DecodePEMBlockFunc

NewAddCallback returns a callback that adds all certificates and private keys to the Buffer.

func (*Buffer) NewAddCertsCallback added in v0.4.5

func (buf *Buffer) NewAddCertsCallback() x509utils.DecodePEMBlockFunc

NewAddCertsCallback returns a callback that adds all certificates to the Buffer.

func (*Buffer) NewAddPrivateKeysCallback added in v0.4.5

func (buf *Buffer) NewAddPrivateKeysCallback() x509utils.DecodePEMBlockFunc

NewAddPrivateKeysCallback returns a callback that adds private keys to the Buffer.

func (*Buffer) Pairs added in v0.4.5

func (buf *Buffer) Pairs() ([]CertKeyPairs, error)

Pairs returns CertKeyPairs for all keys in the Buffer.

type CertKeyPairs added in v0.4.5

type CertKeyPairs struct {
	Key   x509utils.PrivateKey
	Certs []*x509.Certificate
}

CertKeyPairs groups a key with matching certificates.

type CertSet

type CertSet struct {
	set.Set[*x509.Certificate, certpool.Hash, *tls.Certificate]
}

CertSet keeps a thread-safe set of unique [tls.Certificate]s.

func MustCertSet

func MustCertSet(certs ...*tls.Certificate) *CertSet

MustCertSet is like NewCertSet but panics on errors.

func NewCertSet

func NewCertSet(certs ...*tls.Certificate) (*CertSet, error)

NewCertSet creates a CertSet optionally taking its initial content as argument.

func (*CertSet) Clone

func (cs *CertSet) Clone() *CertSet

Clone creates a copy of the CertSet.

func (*CertSet) Copy

func (cs *CertSet) Copy(dst *CertSet, cond func(*tls.Certificate) bool) *CertSet

Copy copies all certificates that satisfy the condition to the destination CertSet unless they are already there. If a destination isn't provided one will be created. If a condition function isn't provided, all certificates not present in the destination will be added.

type ForEachIterFunc added in v0.4.5

type ForEachIterFunc func(fs.FS, string, []x509utils.PrivateKey, []*x509.Certificate, []error) bool

ForEachIterFunc represents a callback passed to ForEach and invoked for each source in the Buffer until it returns false.

type KeySet

KeySet keeps a thread-safe set of unique [x509utils.PrivateKey]s.

func MustKeySet

func MustKeySet(keys ...x509utils.PrivateKey) *KeySet

MustKeySet is like NewKeySet but panics on errors.

func NewKeySet

func NewKeySet(keys ...x509utils.PrivateKey) (*KeySet, error)

NewKeySet creates a KeySet optionally taking its initial content as argument.

func (*KeySet) Clone

func (ks *KeySet) Clone() *KeySet

Clone creates a copy of the KeySet.

func (*KeySet) Copy

func (ks *KeySet) Copy(dst *KeySet, cond func(x509utils.PrivateKey) bool) *KeySet

Copy copies all keys that satisfy the condition to the destination KeySet unless they are already there. If a destination isn't provided one will be created. If a condition function isn't provided, all keys not present in the destination will be added.

func (*KeySet) GetFromCertificate

func (ks *KeySet) GetFromCertificate(cert *x509.Certificate) (x509utils.PrivateKey, error)

GetFromCertificate is like Get but uses the public key associated with the given certificate.

func (*KeySet) Public

Public handles type-casting of public keys.

type Source added in v0.4.5

type Source struct {
	SourceName

	Certs []*x509.Certificate
	Keys  []x509utils.PrivateKey
	Errs  []error
}

Source contains certificates, keys and errors collected while reading PEM content.

func (*Source) AddCACerts added in v0.4.5

func (src *Source) AddCACerts(ctx context.Context, out tls.StoreX509Writer) (int, error)

AddCACerts adds all certificates from the Source to the [tls.Store] as trusted CAs.

func (*Source) AddCert added in v0.4.5

func (src *Source) AddCert(ctx context.Context, out tls.StoreX509Writer) (int, error)

AddCert adds all certificates from the Source to the [tls.Store].

func (*Source) AddCertPair added in v0.4.5

func (src *Source) AddCertPair(ctx context.Context, out tls.StoreX509Writer, keys *KeySet) (int, error)

AddCertPair adds the first certificate in the Source to the [tls.Store], using the rest as intermediates. A key in the same Source is preferred, but it can also use a KeySet to find it.
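
The pairing rule described above (first certificate as leaf, the rest as its chain, key chosen by public-key match rather than by position) can be illustrated with the standard library alone. This is an added example, not this package's implementation or API; pairFromPEM and sampleBundle are hypothetical names, and the bundle is constructed at run time.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// pairFromPEM (hypothetical name) pairs the first certificate in the bundle,
// with the rest as its chain, with whichever key matches it by public key.
func pairFromPEM(bundle []byte) (tls.Certificate, error) {
	for blk, rest := pem.Decode(bundle); blk != nil; blk, rest = pem.Decode(rest) {
		if blk.Type == "CERTIFICATE" {
			continue
		}
		// X509KeyPair rejects a key whose public half differs from the leaf's.
		if pair, err := tls.X509KeyPair(bundle, pem.EncodeToMemory(blk)); err == nil {
			return pair, nil
		}
	}
	return tls.Certificate{}, errors.New("no key in the bundle matches the leaf certificate")
}

// sampleBundle returns constructed input (errors ignored): a leaf, a second
// certificate, then that certificate's key ahead of the leaf's key.
func sampleBundle() (out []byte) {
	var keys []byte
	for i, cn := range []string{"leaf.example", "constructed intermediate"} {
		pub, priv, _ := ed25519.GenerateKey(rand.Reader)
		t := &x509.Certificate{SerialNumber: big.NewInt(int64(i) + 1), Subject: pkix.Name{CommonName: cn},
			NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour)}
		der, _ := x509.CreateCertificate(rand.Reader, t, t, pub, priv)
		kd, _ := x509.MarshalPKCS8PrivateKey(priv)
		out = append(out, pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})...)
		keys = append(pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: kd}), keys...)
	}
	return append(out, keys...)
}

func main() {
	pair, err := pairFromPEM(sampleBundle())
	fmt.Println(len(pair.Certificate), err)
}
```

Passing the same bundle as both arguments to tls.X509KeyPair fails here, because that call takes the first key it finds and that key belongs to the second certificate.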

func (*Source) AddPrivateKeys added in v0.4.5

func (src *Source) AddPrivateKeys(ctx context.Context, out tls.StoreX509Writer) (int, error)

AddPrivateKeys adds all private keys from the Source to the [tls.Store].

func (*Source) Clone added in v0.4.5

func (src *Source) Clone() *Source

Clone creates a copy of the Source.

type SourceName added in v0.4.5

type SourceName struct {
	FS       fs.FS
	FileName string
}

SourceName identifies the Source.

func NewSourceName added in v0.4.5

func NewSourceName(fSys fs.FS, fileName string) SourceName

NewSourceName creates a new SourceName.

func (SourceName) AppendError added in v0.4.5

func (sn SourceName) AppendError(out *core.CompoundError, err error, op, note string)

AppendError appends an error annotated with source details. Compound errors will be appended individually to the output.

func (SourceName) IsFile added in v0.4.5

func (sn SourceName) IsFile() bool

IsFile tells if the Source was a file.

func (SourceName) NewError added in v0.4.5

func (sn SourceName) NewError(err error, op, note string) error

NewError creates an fs.PathError if the source has a name; otherwise it wraps and annotates the given error. If no error or annotation is passed, no error will be returned.

func (SourceName) NewErrorf added in v0.4.5

func (sn SourceName) NewErrorf(err error, op, format string, args ...any) error

NewErrorf works like NewError but the note is a formatted string.

func (SourceName) NewPathError added in v0.4.5

func (sn SourceName) NewPathError(err error, op, note string) *fs.PathError

NewPathError creates an fs.PathError using its fileName and the given Op and error. The note can be used to annotate the error. See [NewErrorf] for formatted annotations.
