Documentation
Index
- Constants
- func NewSshKeyPair(privateOut, publicOut io.Writer) error
- func NewSshKeyPairUsingFileWriter(writer filewriter.FileWriter, privateKeyFilename, publicKeyFilename string) (string, []byte, error)
- func SecureCipherSuiteNames() []string
- func SecureCipherSuitesString() string
- type CertificateGenerator
- type DefaultTlsValidator
- type TlsValidator
Constants
const SshKeySize = 4096
SshKeySize is the key size, in bits, used when calling NewSshKeyPair().
Functions
func NewSshKeyPair (added in v0.8.0)
NewSshKeyPair creates an RSA key pair and writes the private part to privateOut and the public part to publicOut. The output written to privateOut and publicOut is formatted as ssh-keygen would format keys. The private key is PEM encoded, with the key data in PKCS1, ASN.1 DER form, as typically done by the ssh-keygen tool. The public key is formatted as an SSH Authorized Key suitable for storing on servers.
func NewSshKeyPairUsingFileWriter (added in v0.8.0)
func NewSshKeyPairUsingFileWriter(writer filewriter.FileWriter, privateKeyFilename, publicKeyFilename string) (string, []byte, error)
NewSshKeyPairUsingFileWriter provides a mechanism for generating SSH key pairs and writing them to the writer directory context. It exists to create compatibility with filewriter.FileWriter and complement older code. The string returned is a path to the private key written to disk using writer. The bytes returned are the public key formatted as specified in NewSshKeyPair().
func SecureCipherSuiteNames (added in v0.20.0)
func SecureCipherSuiteNames() []string
SecureCipherSuiteNames returns the cipher suite names we currently support as the default. In the future, we can make this customizable and return a wider range of supported names.
func SecureCipherSuitesString (added in v0.7.0)
func SecureCipherSuitesString() string
Types
type CertificateGenerator (added in v0.6.0)
type CertificateGenerator interface {
	GenerateIamAuthSelfSignCertKeyPair() ([]byte, []byte, error)
}
func NewCertificateGenerator (added in v0.6.0)
func NewCertificateGenerator() CertificateGenerator
type DefaultTlsValidator (added in v0.6.0)
type DefaultTlsValidator struct{}
func (*DefaultTlsValidator) IsSignedByUnknownAuthority (added in v0.11.0)
func (tv *DefaultTlsValidator) IsSignedByUnknownAuthority(host, port string) (bool, error)
IsSignedByUnknownAuthority determines whether the certificate presented at host:port is signed by an unknown authority.
func (*DefaultTlsValidator) ValidateCert (added in v0.6.0)
func (tv *DefaultTlsValidator) ValidateCert(host, port, caCertContent string) error
ValidateCert parses the cert, ensures that the cert format is valid and verifies that the cert is valid for the url.
type TlsValidator (added in v0.6.0)
type TlsValidator interface {
	ValidateCert(host, port, caCertContent string) error
	IsSignedByUnknownAuthority(host, port string) (bool, error)
}
func NewTlsValidator (added in v0.6.0)
func NewTlsValidator() TlsValidator