enroller

package
v1.0.8-3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 12, 2024 License: Apache-2.0 Imports: 33 Imported by: 0

Documentation

Index

Constants

const (
	// HSMClient is the name of the container that contains the HSM client library.
	HSMClient = "hsm-client"
	// CertGen is the name of the container that runs the command that
	// generates the certificate for the CA.
	CertGen = "certgen"
)

Variables

This section is empty.

Functions

func GetClient

func GetClient(client *lib.Client, bccsp *commonapi.BCCSP) *lib.Client

func ParseEnrollmentResponse

func ParseEnrollmentResponse(resp *config.Response, si *lib.GetCAInfoResponse) (*config.Response, error)

Types

type CAClient

// CAClient is the CA client interface that SWEnroller holds in its Client
// field and that NewSWEnroller accepts.
type CAClient interface {
	// Init returns an error; what it sets up is not visible in this listing.
	Init() error
	// Enroll takes an *api.EnrollmentRequest and returns the
	// *lib.EnrollmentResponse or an error.
	Enroll(*api.EnrollmentRequest) (*lib.EnrollmentResponse, error)
	// GetEnrollmentRequest returns the *current.Enrollment held by the client.
	GetEnrollmentRequest() *current.Enrollment
	// GetHomeDir returns a string; presumably the homeDir passed to
	// NewFabCAClient — TODO confirm.
	GetHomeDir() string
	// GetTLSCert returns raw bytes; presumably the CA TLS certificate kept in
	// FabCAClient.CATLSCert — TODO confirm.
	// NOTE(review): confirm the encoding (PEM vs DER) and whether the returned
	// slice is a copy; a shared slice can be modified by any caller.
	GetTLSCert() []byte
	// PingCA takes a time.Duration (FabCAClient.PingCA names it timeout) and
	// returns an error.
	PingCA(time.Duration) error
}

type CryptoEnroller

// CryptoEnroller is the interface that Enroller wraps (its Enroller field) and
// that New accepts. SWEnroller, HSMEnroller, HSMDaemonEnroller and
// HSMProxyEnroller each declare these three methods in this package.
type CryptoEnroller interface {
	// GetEnrollmentRequest returns the *current.Enrollment for this enroller.
	GetEnrollmentRequest() *current.Enrollment
	// Enroll returns a *config.Response or an error.
	Enroll() (*config.Response, error)
	// PingCA takes a time.Duration (named timeout on the implementations in
	// this package) and returns an error.
	PingCA(time.Duration) error
}

type CryptoInstance

// CryptoInstance is the instance type Factory accepts. It embeds
// runtime.Object and Instance and adds the HSM-related queries below.
type CryptoInstance interface {
	runtime.Object
	Instance
	// IsHSMEnabled reports a bool; presumably Factory uses it to pick an
	// HSM-backed enroller over SWEnroller — TODO confirm against Factory.
	IsHSMEnabled() bool
	// UsingHSMProxy reports a bool; presumably it selects HSMProxyEnroller —
	// TODO confirm against Factory.
	UsingHSMProxy() bool
	// GetConfigOverride returns an untyped value or an error.
	// NOTE(review): the concrete type behind interface{} is not visible here;
	// callers should type-check it rather than assume.
	GetConfigOverride() (interface{}, error)
}

type Enroller

// Enroller wraps a CryptoEnroller together with a timeout. New and Factory
// return *Enroller.
type Enroller struct {
	// Enroller is the wrapped implementation.
	Enroller CryptoEnroller
	// Timeout is presumably the duration (*Enroller).PingCA passes to the
	// wrapped PingCA(time.Duration), since (*Enroller).PingCA takes no
	// argument — TODO confirm.
	// NOTE(review): New takes no timeout argument, so confirm what value
	// Timeout has for an Enroller built with New.
	Timeout  time.Duration
}

func Factory

func Factory(enrollment *current.Enrollment, k8sClient k8sclient.Client, instance CryptoInstance, storagePath string, scheme *runtime.Scheme, bytes []byte, timeouts HSMEnrollJobTimeouts) (*Enroller, error)

func New

func New(enroller CryptoEnroller) *Enroller

func (*Enroller) GetCrypto

func (e *Enroller) GetCrypto() (*config.Response, error)

func (*Enroller) PingCA

func (e *Enroller) PingCA() error

func (*Enroller) Validate

func (e *Enroller) Validate() error

type FabCAClient

// FabCAClient embeds *lib.Client and carries the enrollment configuration,
// BCCSP settings and a certificate byte slice. NewFabCAClient takes matching
// arguments (cfg, homeDir, bccsp, cert).
type FabCAClient struct {
	*lib.Client

	// EnrollmentCfg is presumably what GetEnrollmentRequest returns — TODO confirm.
	EnrollmentCfg *current.Enrollment
	// BCCSP holds the crypto provider settings passed to NewFabCAClient.
	BCCSP         *commonapi.BCCSP
	// CATLSCert is presumably the CA TLS certificate that GetTLSCert returns
	// — TODO confirm.
	// NOTE(review): the field is exported and mutable, so any holder of the
	// struct can replace the certificate after construction; confirm that is
	// intended if it is used to verify the CA connection.
	CATLSCert     []byte
}

func NewFabCAClient

func NewFabCAClient(cfg *current.Enrollment, homeDir string, bccsp *commonapi.BCCSP, cert []byte) *FabCAClient

func (*FabCAClient) GetConfig

func (c *FabCAClient) GetConfig() *lib.ClientConfig

func (*FabCAClient) GetEnrollmentRequest

func (c *FabCAClient) GetEnrollmentRequest() *current.Enrollment

func (*FabCAClient) GetHomeDir

func (c *FabCAClient) GetHomeDir() string

func (*FabCAClient) GetTLSCert

func (c *FabCAClient) GetTLSCert() []byte

func (*FabCAClient) PingCA

func (c *FabCAClient) PingCA(timeout time.Duration) error

func (*FabCAClient) SetHSMLibrary

func (c *FabCAClient) SetHSMLibrary(library string)

func (*FabCAClient) SetURL

func (c *FabCAClient) SetURL(url string)

type HSMCAClient

// HSMCAClient is the CA client interface held by HSMEnroller and
// HSMDaemonEnroller (their CAClient fields). Unlike CAClient and
// HSMProxyCAClient it declares no Init, Enroll or GetTLSCert method, and it
// adds GetConfig.
type HSMCAClient interface {
	// GetEnrollmentRequest returns the *current.Enrollment held by the client.
	GetEnrollmentRequest() *current.Enrollment
	// GetHomeDir returns a string; presumably the client's home directory —
	// TODO confirm.
	GetHomeDir() string
	// PingCA takes a time.Duration (FabCAClient.PingCA names it timeout) and
	// returns an error.
	PingCA(time.Duration) error
	// SetHSMLibrary takes a string (FabCAClient.SetHSMLibrary names it
	// library); presumably the path of the HSM client library — TODO confirm.
	// NOTE(review): if this value ends up as a library path that gets loaded,
	// it should only come from trusted operator configuration.
	SetHSMLibrary(string)
	// GetConfig returns the *lib.ClientConfig.
	GetConfig() *lib.ClientConfig
}

type HSMDaemonEnroller

type HSMDaemonEnroller struct {
	// CAClient is the HSM-capable CA client; it exposes no Enroll method.
	CAClient HSMCAClient
	// Client is a k8sclient.Client; presumably used to manage the enroll job
	// on the cluster — TODO confirm.
	Client   k8sclient.Client
	// Instance supplies the image, pull secrets, PVC name and resources
	// declared by the Instance interface.
	Instance Instance
	// Timeouts holds the JobStart and JobCompletion durations.
	Timeouts HSMEnrollJobTimeouts
	// Scheme is the *runtime.Scheme passed to NewHSMDaemonEnroller.
	Scheme   *runtime.Scheme
	// Config is the *config.HSMConfig passed to NewHSMDaemonEnroller.
	Config   *config.HSMConfig
}

HSMDaemonEnroller is responsible for enrolling with CAs to generate cryptographic material for fabric nodes

func NewHSMDaemonEnroller

func NewHSMDaemonEnroller(cfg *current.Enrollment, instance Instance, caclient HSMCAClient, client k8sclient.Client, scheme *runtime.Scheme, timeouts HSMEnrollJobTimeouts, hsmConfig *config.HSMConfig) *HSMDaemonEnroller

NewHSMDaemonEnroller initializes and returns a pointer to HSMDaemonEnroller

func (*HSMDaemonEnroller) Enroll

func (e *HSMDaemonEnroller) Enroll() (*config.Response, error)

Enroll reaches out to the CA to get back a signed certificate

func (*HSMDaemonEnroller) GetEnrollmentRequest

func (e *HSMDaemonEnroller) GetEnrollmentRequest() *current.Enrollment

GetEnrollmentRequest returns the enrollment request defined on the ca client

func (*HSMDaemonEnroller) PingCA

func (e *HSMDaemonEnroller) PingCA(timeout time.Duration) error

PingCA uses the CA client to ping the CA

func (*HSMDaemonEnroller) ReadKey

func (e *HSMDaemonEnroller) ReadKey() ([]byte, error)

ReadKey is a no-op method on HSM

type HSMEnrollJobTimeouts

// HSMEnrollJobTimeouts carries two durations that are read from JSON or YAML
// under the keys jobStart and jobCompletion. Factory, NewHSMEnroller and
// NewHSMDaemonEnroller accept it.
type HSMEnrollJobTimeouts struct {
	// JobStart is presumably how long to wait for the enroll job to start —
	// TODO confirm.
	JobStart      common.Duration `json:"jobStart" yaml:"jobStart"`
	// JobCompletion is presumably how long to wait for the enroll job to
	// finish — TODO confirm.
	// NOTE(review): behaviour for a zero or missing value is not visible
	// here; confirm it cannot mean "wait forever".
	JobCompletion common.Duration `json:"jobCompletion" yaml:"jobCompletion"`
}

type HSMEnroller

// HSMEnroller has the same field set as HSMDaemonEnroller and is built by
// NewHSMEnroller. It declares Enroll, GetEnrollmentRequest, PingCA and
// ReadKey.
type HSMEnroller struct {
	// CAClient is the HSM-capable CA client; it exposes no Enroll method.
	CAClient HSMCAClient
	// Client is a k8sclient.Client; presumably used to manage the enroll job
	// on the cluster — TODO confirm.
	Client   k8sclient.Client
	// Instance supplies the image, pull secrets, PVC name and resources
	// declared by the Instance interface.
	Instance Instance
	// Timeouts holds the JobStart and JobCompletion durations.
	Timeouts HSMEnrollJobTimeouts
	// Scheme is the *runtime.Scheme passed to NewHSMEnroller.
	Scheme   *runtime.Scheme
	// Config is the *config.HSMConfig passed to NewHSMEnroller.
	Config   *config.HSMConfig
}

func NewHSMEnroller

func NewHSMEnroller(cfg *current.Enrollment, instance Instance, caclient HSMCAClient, client k8sclient.Client, scheme *runtime.Scheme, timeouts HSMEnrollJobTimeouts, hsmConfig *config.HSMConfig) *HSMEnroller

func (*HSMEnroller) Enroll

func (e *HSMEnroller) Enroll() (*config.Response, error)

func (*HSMEnroller) GetEnrollmentRequest

func (e *HSMEnroller) GetEnrollmentRequest() *current.Enrollment

func (*HSMEnroller) PingCA

func (e *HSMEnroller) PingCA(timeout time.Duration) error

func (*HSMEnroller) ReadKey

func (e *HSMEnroller) ReadKey() ([]byte, error)

type HSMProxyCAClient

// HSMProxyCAClient is the CA client interface held by HSMProxyEnroller. Its
// method set is that of CAClient plus SetHSMLibrary.
type HSMProxyCAClient interface {
	// Init returns an error; what it sets up is not visible in this listing.
	Init() error
	// Enroll takes an *api.EnrollmentRequest and returns the
	// *lib.EnrollmentResponse or an error.
	Enroll(*api.EnrollmentRequest) (*lib.EnrollmentResponse, error)
	// GetEnrollmentRequest returns the *current.Enrollment held by the client.
	GetEnrollmentRequest() *current.Enrollment
	// GetHomeDir returns a string; presumably the client's home directory —
	// TODO confirm.
	GetHomeDir() string
	// GetTLSCert returns raw bytes; presumably the CA TLS certificate —
	// TODO confirm the encoding and whether the slice is a copy.
	GetTLSCert() []byte
	// PingCA takes a time.Duration (FabCAClient.PingCA names it timeout) and
	// returns an error.
	PingCA(time.Duration) error
	// SetHSMLibrary takes a string (FabCAClient.SetHSMLibrary names it
	// library); presumably the path of the HSM client library — TODO confirm.
	// NOTE(review): if this value ends up as a library path that gets loaded,
	// it should only come from trusted operator configuration.
	SetHSMLibrary(string)
}

type HSMProxyEnroller

// HSMProxyEnroller pairs an HSMProxyCAClient with an enrollment request. It is
// built by NewHSMProxyEnroller.
type HSMProxyEnroller struct {
	// Client is the CA client passed to NewHSMProxyEnroller.
	Client HSMProxyCAClient
	// Req is presumably taken from Client.GetEnrollmentRequest(), since
	// NewHSMProxyEnroller takes only the client — TODO confirm.
	Req    *current.Enrollment
}

func NewHSMProxyEnroller

func NewHSMProxyEnroller(caClient HSMProxyCAClient) *HSMProxyEnroller

func (*HSMProxyEnroller) Enroll

func (e *HSMProxyEnroller) Enroll() (*config.Response, error)

func (*HSMProxyEnroller) GetEnrollmentRequest

func (e *HSMProxyEnroller) GetEnrollmentRequest() *current.Enrollment

func (*HSMProxyEnroller) PingCA

func (e *HSMProxyEnroller) PingCA(timeout time.Duration) error

type Instance

// Instance embeds metav1.Object and adds the accessors below. It is the type
// of the Instance field on HSMEnroller and HSMDaemonEnroller, and it is
// embedded in CryptoInstance.
type Instance interface {
	metav1.Object
	// EnrollerImage returns a string; presumably the container image
	// reference for the enroller — TODO confirm.
	// NOTE(review): check where this is implemented whether the reference is
	// pinned by digest or by a mutable tag.
	EnrollerImage() string
	// GetPullSecrets returns the []corev1.LocalObjectReference pull secrets.
	GetPullSecrets() []corev1.LocalObjectReference
	// PVCName returns a string; presumably the name of a persistent volume
	// claim — TODO confirm.
	PVCName() string
	// GetResource returns the corev1.ResourceRequirements for the given
	// current.Component.
	GetResource(current.Component) corev1.ResourceRequirements
}

type SWEnroller

// SWEnroller wraps a CAClient and is built by NewSWEnroller. It declares
// Enroll, GetEnrollmentRequest, PingCA and ReadKey.
// NOTE(review): ReadKey returns ([]byte, error); if those bytes are private
// key material (presumably, for a software enroller — TODO confirm), callers
// should keep them out of logs and error messages.
type SWEnroller struct {
	// Client is the CA client passed to NewSWEnroller.
	Client CAClient
}

func NewSWEnroller

func NewSWEnroller(caClient CAClient) *SWEnroller

func (*SWEnroller) Enroll

func (e *SWEnroller) Enroll() (*config.Response, error)

func (*SWEnroller) GetEnrollmentRequest

func (e *SWEnroller) GetEnrollmentRequest() *current.Enrollment

func (*SWEnroller) PingCA

func (e *SWEnroller) PingCA(timeout time.Duration) error

func (*SWEnroller) ReadKey

func (e *SWEnroller) ReadKey() ([]byte, error)

Directories

Path Synopsis
Code generated by counterfeiter.
Code generated by counterfeiter.
