GO-2023-1955: Dapr API token authentication bypass in HTTP endpoints in github.com/dapr/dapr

certs

package

v1.9.6 Latest Latest Go to latest Published: Feb 2, 2023 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/dapr/dapr

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func CertPoolFromPEM(certPem []byte) (*x509.CertPool, error)
func CredentialsExist(conf config.SentryConfig) (bool, error)
func DecodePEMCertificates(crtb []byte) ([]*x509.Certificate, error)
func DecodePEMKey(key []byte) (interface{}, error)
func GenerateECPrivateKey() (*ecdsa.PrivateKey, error)
func ParsePemCSR(csrPem []byte) (*x509.CertificateRequest, error)
func StoreCredentials(conf config.SentryConfig, rootCertPem, issuerCertPem, issuerKeyPem []byte) error
type Credentials
- func PEMCredentialsFromFiles(certPem, keyPem []byte) (*Credentials, error)

Constants ¶

View Source

const (
	BlockTypeCertificate     = "CERTIFICATE"
	BlockTypeECPrivateKey    = "EC PRIVATE KEY"
	BlockTypePKCS1PrivateKey = "RSA PRIVATE KEY"
	BlockTypePKCS8PrivateKey = "PRIVATE KEY"
)

Variables ¶

This section is empty.

Functions ¶

func CertPoolFromPEM ¶

func CertPoolFromPEM(certPem []byte) (*x509.CertPool, error)

CertPoolFromPEMString returns a CertPool from a PEM encoded certificates string.

func CredentialsExist ¶ added in v0.11.1

func CredentialsExist(conf config.SentryConfig) (bool, error)

CredentialsExist checks root and issuer credentials exist on a hosting platform.

func DecodePEMCertificates ¶

func DecodePEMCertificates(crtb []byte) ([]*x509.Certificate, error)

DecodePEMCertificates takes a PEM-encoded x509 certificates byte array and returns all certificates in a slice of x509.Certificate objects.

func DecodePEMKey ¶

func DecodePEMKey(key []byte) (interface{}, error)

DecodePEMKey takes a key PEM byte array and returns an object that represents either an RSA or EC private key.

func GenerateECPrivateKey ¶

func GenerateECPrivateKey() (*ecdsa.PrivateKey, error)

GenerateECPrivateKey returns a new EC Private Key.

func ParsePemCSR ¶

func ParsePemCSR(csrPem []byte) (*x509.CertificateRequest, error)

ParsePemCSR constructs a x509 Certificate Request using the given PEM-encoded certificate signing request.

func StoreCredentials ¶

func StoreCredentials(conf config.SentryConfig, rootCertPem, issuerCertPem, issuerKeyPem []byte) error

StoreCredentials saves the trust bundle in a Kubernetes secret store or locally on disk, depending on the hosting platform.

Types ¶

type Credentials ¶

type Credentials struct {
	PrivateKey  interface{}
	Certificate *x509.Certificate
}

Credentials holds a certificate and private key.

func PEMCredentialsFromFiles ¶

func PEMCredentialsFromFiles(certPem, keyPem []byte) (*Credentials, error)

PEMCredentialsFromFiles takes a path for a key/cert pair and returns a validated Credentials wrapper.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL