crypto

package
v1.0.8 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 7, 2015 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CertsFromPEM

func CertsFromPEM(pemCerts []byte) ([]*x509.Certificate, error)

func IPAddressesDNSNames

func IPAddressesDNSNames(hosts []string) ([]net.IP, []string)

func NewKeyPair

func NewKeyPair() (crypto.PublicKey, crypto.PrivateKey, error)

func SecureTLSConfig added in v1.0.7

func SecureTLSConfig(config *tls.Config) *tls.Config

SecureTLSConfig enforces the default minimum security settings for the cluster. TODO: allow override

Types

type CA

type CA struct {
	SerialFile string
	Config     *TLSCertificateConfig

	Serial int64
	// contains filtered or unexported fields
}

func EnsureCA

func EnsureCA(certFile, keyFile, serialFile, name string) (*CA, bool, error)

EnsureCA returns a CA, whether it was created (as opposed to pre-existing), and any error

func GetCA

func GetCA(certFile, keyFile, serialFile string) (*CA, error)

func MakeCA

func MakeCA(certFile, keyFile, serialFile, name string) (*CA, error)

func (*CA) EnsureClientCertificate

func (ca *CA) EnsureClientCertificate(certFile, keyFile string, u user.Info) (*TLSCertificateConfig, bool, error)

func (*CA) EnsureServerCert

func (ca *CA) EnsureServerCert(certFile, keyFile string, hostnames sets.String) (*TLSCertificateConfig, bool, error)

func (*CA) MakeClientCertificate

func (ca *CA) MakeClientCertificate(certFile, keyFile string, u user.Info) (*TLSCertificateConfig, error)

func (*CA) MakeServerCert

func (ca *CA) MakeServerCert(certFile, keyFile string, hostnames sets.String) (*TLSCertificateConfig, error)

type TLSCARoots

type TLSCARoots struct {
	Roots []*x509.Certificate
}

func GetTLSCARoots

func GetTLSCARoots(caFile string) (*TLSCARoots, error)

type TLSCertificateConfig

type TLSCertificateConfig struct {
	Certs []*x509.Certificate
	Key   crypto.PrivateKey
}

func GetServerCert

func GetServerCert(certFile, keyFile string, hostnames sets.String) (*TLSCertificateConfig, error)

func GetTLSCertificateConfig

func GetTLSCertificateConfig(certFile, keyFile string) (*TLSCertificateConfig, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL