certs

package
v1.0.1-0...-f351835 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 23, 2021 License: MIT Imports: 15 Imported by: 0

Documentation

Index

Constants

View Source
const (
	Certificate   = "CERTIFICATE"
	ECPrivateKey  = "EC PRIVATE KEY"
	RSAPrivateKey = "RSA PRIVATE KEY"
)
View Source
const (
	// KubeScrtName is the name of the kubernetes secret that holds the trust bundle
	KubeScrtName = "dapr-trust-bundle"
	// TrustAnchorsEnvVar is the environment variable name for the trust anchors in the sidecar
	TrustAnchorsEnvVar = "DAPR_TRUST_ANCHORS"
	CertChainEnvVar    = "DAPR_CERT_CHAIN"
	CertKeyEnvVar      = "DAPR_CERT_KEY"
)

Variables

This section is empty.

Functions

func CertPoolFromPEM

func CertPoolFromPEM(certPem []byte) (*x509.CertPool, error)

CertPoolFromPEMString returns a CertPool from a PEM encoded certificates string.

func CredentialsExist

func CredentialsExist(conf config.SentryConfig) (bool, error)

CredentialsExist checks root and issuer credentials exist on a hosting platform

func DecodePEMCertificates

func DecodePEMCertificates(crtb []byte) ([]*x509.Certificate, error)

DecodePEMCertificates takes a PEM encoded x509 certificates byte array and returns A x509 certificate and the block byte array.

func GenerateECPrivateKey

func GenerateECPrivateKey() (*ecdsa.PrivateKey, error)

GenerateECPrivateKey returns a new EC Private Key

func ParsePemCSR

func ParsePemCSR(csrPem []byte) (*x509.CertificateRequest, error)

ParsePemCSR constructs a x509 Certificate Request using the given PEM-encoded certificate signing request.

func StoreCredentials

func StoreCredentials(conf config.SentryConfig, rootCertPem, issuerCertPem, issuerKeyPem []byte) error

StoreCredentials saves the trust bundle in a Kubernetes secret store or locally on disk, depending on the hosting platform

Types

type Credentials

type Credentials struct {
	PrivateKey  *PrivateKey
	Certificate *x509.Certificate
}

Credentials holds a certificate, private key and trust chain

func PEMCredentialsFromFiles

func PEMCredentialsFromFiles(certPem, keyPem []byte) (*Credentials, error)

PEMCredentialsFromFiles takes a path for a key/cert pair and returns a validated Credentials wrapper with a trust chain.

type PrivateKey

type PrivateKey struct {
	Type string
	Key  interface{}
}

PrivateKey wraps a EC or RSA private key

func DecodePEMKey

func DecodePEMKey(key []byte) (*PrivateKey, error)

DecodePEMKey takes a key PEM byte array and returns a PrivateKey that represents Either an RSA or EC private key.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL