Documentation
Overview
Package sshca implements a simple certificate authority for SSH.
Index
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Options
type Options struct {
	// Name is the name of the CA.
	Name string `yaml:"name"`

	// KeyType is type of cryptographic key to use with this CA. Valid
	// values are: ecdsa-p256, ecdsa-p384, ecdsa-p521, ed25519,
	// rsa-2048, rsa-3072, and rsa-4096.
	KeyType string `yaml:"keyType,omitempty"`

	// PublicKeyEndpoint is the URL where the CA's public key is published.
	PublicKeyEndpoint string `yaml:"publicKeyEndpoint"`

	// CertificateEndpoint is the URL where certificates are issued. It
	// receives a public key in a POST request and returns a certificate.
	CertificateEndpoint string `yaml:"certificateEndpoint"`

	// TPM is used for hardware-backed keys.
	TPM *tpm.TPM

	// Store is used to store the PKI manager's data.
	Store *storage.Storage

	// EventRecorder is used to record events.
	EventRecorder interface {
		Record(string)
	}

	Logger interface {
		Errorf(format string, args ...any)
	}

	// ClaimsFromCtx returns jwt claims for the current user.
	ClaimsFromCtx func(context.Context) jwt.MapClaims
}
Options are used to configure the CA.
type SSHCA
type SSHCA struct {
// contains filtered or unexported fields
}
SSHCA implements a simple certificate authority for SSH keys.
func (*SSHCA) ServeCertificate
func (ca *SSHCA) ServeCertificate(w http.ResponseWriter, req *http.Request)
func (*SSHCA) ServePublicKey
func (ca *SSHCA) ServePublicKey(w http.ResponseWriter, req *http.Request)