Documentation ¶
Index ¶
- Constants
- func CertPoolFromPEM(certPem []byte) (*x509.CertPool, error)
- func CredentialsExist(conf config.SentryConfig) (bool, error)
- func DecodePEMCertificates(crtb []byte) ([]*x509.Certificate, error)
- func GenerateECPrivateKey() (*ecdsa.PrivateKey, error)
- func ParsePemCSR(csrPem []byte) (*x509.CertificateRequest, error)
- func StoreCredentials(conf config.SentryConfig, rootCertPem, issuerCertPem, issuerKeyPem []byte) error
- type Credentials
- type PrivateKey
Constants ¶
const ( Certificate = "CERTIFICATE" ECPrivateKey = "EC PRIVATE KEY" RSAPrivateKey = "RSA PRIVATE KEY" )
const ( // KubeScrtName is the name of the kubernetes secret that holds the trust bundle KubeScrtName = "dapr-trust-bundle" // TrustAnchorsEnvVar is the environment variable name for the trust anchors in the sidecar TrustAnchorsEnvVar = "DAPR_TRUST_ANCHORS" CertChainEnvVar = "DAPR_CERT_CHAIN" CertKeyEnvVar = "DAPR_CERT_KEY" )
Variables ¶
This section is empty.
Functions ¶
func CertPoolFromPEM ¶
CertPoolFromPEMString returns a CertPool from a PEM encoded certificates string.
func CredentialsExist ¶
func CredentialsExist(conf config.SentryConfig) (bool, error)
CredentialsExist checks root and issuer credentials exist on a hosting platform
func DecodePEMCertificates ¶
func DecodePEMCertificates(crtb []byte) ([]*x509.Certificate, error)
DecodePEMCertificates takes a PEM encoded x509 certificates byte array and returns A x509 certificate and the block byte array.
func GenerateECPrivateKey ¶
func GenerateECPrivateKey() (*ecdsa.PrivateKey, error)
GenerateECPrivateKey returns a new EC Private Key
func ParsePemCSR ¶
func ParsePemCSR(csrPem []byte) (*x509.CertificateRequest, error)
ParsePemCSR constructs a x509 Certificate Request using the given PEM-encoded certificate signing request.
func StoreCredentials ¶
func StoreCredentials(conf config.SentryConfig, rootCertPem, issuerCertPem, issuerKeyPem []byte) error
StoreCredentials saves the trust bundle in a Kubernetes secret store or locally on disk, depending on the hosting platform
Types ¶
type Credentials ¶
type Credentials struct { PrivateKey *PrivateKey Certificate *x509.Certificate }
Credentials holds a certificate, private key and trust chain
func PEMCredentialsFromFiles ¶
func PEMCredentialsFromFiles(certPem, keyPem []byte) (*Credentials, error)
PEMCredentialsFromFiles takes a path for a key/cert pair and returns a validated Credentials wrapper with a trust chain.
type PrivateKey ¶
type PrivateKey struct { Type string Key interface{} }
PrivateKey wraps a EC or RSA private key
func DecodePEMKey ¶
func DecodePEMKey(key []byte) (*PrivateKey, error)
DecodePEMKey takes a key PEM byte array and returns a PrivateKey that represents Either an RSA or EC private key.