Documentation
¶
Index ¶
- func CertsEqual(a, b []*x509.Certificate) bool
- func ConcatRawCertsFromCerts(certs []*x509.Certificate) []byte
- func CopyX509Authorities(x509Authorities []*x509.Certificate) []*x509.Certificate
- func CreateCACertificate(tb testing.TB, parent *x509.Certificate, parentKey crypto.Signer, ...) (*x509.Certificate, crypto.Signer)
- func CreateCertificate(tb testing.TB, tmpl, parent *x509.Certificate, pub, priv interface{}) *x509.Certificate
- func CreateWebCredentials(t testing.TB) (*x509.CertPool, *tls.Certificate)
- func CreateX509Certificate(tb testing.TB, parent *x509.Certificate, parentKey crypto.Signer, ...) (*x509.Certificate, crypto.Signer)
- func CreateX509SVID(tb testing.TB, parent *x509.Certificate, parentKey crypto.Signer, ...) (*x509.Certificate, crypto.Signer)
- func EncodeCertificates(certificates []*x509.Certificate) []byte
- func EncodePKCS8PrivateKey(privateKey interface{}) ([]byte, error)
- func NewCertPool(certs []*x509.Certificate) *x509.CertPool
- func NewEC256Key(tb testing.TB) *ecdsa.PrivateKey
- func NewKeyID(tb testing.TB) string
- func NewSerial(tb testing.TB) *big.Int
- func ParseCertificates(certsBytes []byte) ([]*x509.Certificate, error)
- func ParsePrivateKey(keyBytes []byte) (crypto.PrivateKey, error)
- func RawCertsFromCerts(certs []*x509.Certificate) [][]byte
- type CA
- func (ca *CA) Bundle() *spiffebundle.Bundle
- func (ca *CA) ChildCA(options ...CertificateOption) *CA
- func (ca *CA) CreateJWTSVID(id spiffeid.ID, audience []string) *jwtsvid.SVID
- func (ca *CA) CreateX509Certificate(options ...CertificateOption) ([]*x509.Certificate, crypto.Signer)
- func (ca *CA) CreateX509SVID(id spiffeid.ID, options ...CertificateOption) *x509svid.SVID
- func (ca *CA) JWTAuthorities() map[string]crypto.PublicKey
- func (ca *CA) JWTBundle() *jwtbundle.Bundle
- func (ca *CA) X509Authorities() []*x509.Certificate
- func (ca *CA) X509Bundle() *x509bundle.Bundle
- type CertificateOption
- func WithIPAddresses(ips ...net.IP) CertificateOption
- func WithKeyUsage(keyUsage x509.KeyUsage) CertificateOption
- func WithLifetime(notBefore, notAfter time.Time) CertificateOption
- func WithSerial(serial *big.Int) CertificateOption
- func WithSubject(subject pkix.Name) CertificateOption
- func WithURIs(uris ...*url.URL) CertificateOption
- type WorkloadAPI
- func (w *WorkloadAPI) Addr() string
- func (w *WorkloadAPI) SetJWTBundles(jwtBundles ...*jwtbundle.Bundle)
- func (w *WorkloadAPI) SetJWTSVIDResponse(r *workload.JWTSVIDResponse)
- func (w *WorkloadAPI) SetX509Bundles(x509Bundles ...*x509bundle.Bundle)
- func (w *WorkloadAPI) SetX509SVIDResponse(r *X509SVIDResponse)
- func (w *WorkloadAPI) Stop()
- type X509SVIDResponse
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CertsEqual ¶
func CertsEqual(a, b []*x509.Certificate) bool
CertsEqual returns true if the slices of X.509 certificates are equal.
func ConcatRawCertsFromCerts ¶
func ConcatRawCertsFromCerts(certs []*x509.Certificate) []byte
func CopyX509Authorities ¶
func CopyX509Authorities(x509Authorities []*x509.Certificate) []*x509.Certificate
CopyX509Authorities copies a slice of X.509 certificates to a new slice.
func CreateCACertificate ¶
func CreateCACertificate(tb testing.TB, parent *x509.Certificate, parentKey crypto.Signer, options ...CertificateOption) (*x509.Certificate, crypto.Signer)
func CreateCertificate ¶
func CreateCertificate(tb testing.TB, tmpl, parent *x509.Certificate, pub, priv interface{}) *x509.Certificate
func CreateWebCredentials ¶
func CreateX509Certificate ¶
func CreateX509Certificate(tb testing.TB, parent *x509.Certificate, parentKey crypto.Signer, options ...CertificateOption) (*x509.Certificate, crypto.Signer)
func CreateX509SVID ¶
func CreateX509SVID(tb testing.TB, parent *x509.Certificate, parentKey crypto.Signer, id spiffeid.ID, options ...CertificateOption) (*x509.Certificate, crypto.Signer)
func EncodeCertificates ¶
func EncodeCertificates(certificates []*x509.Certificate) []byte
func EncodePKCS8PrivateKey ¶
func NewCertPool ¶
func NewCertPool(certs []*x509.Certificate) *x509.CertPool
NewCertPool returns a new CertPool with the given X.509 certificates
func NewEC256Key ¶
func NewEC256Key(tb testing.TB) *ecdsa.PrivateKey
NewEC256Key returns an ECDSA key over the P256 curve
func ParseCertificates ¶
func ParseCertificates(certsBytes []byte) ([]*x509.Certificate, error)
func ParsePrivateKey ¶
func ParsePrivateKey(keyBytes []byte) (crypto.PrivateKey, error)
func RawCertsFromCerts ¶
func RawCertsFromCerts(certs []*x509.Certificate) [][]byte
Types ¶
type CA ¶
type CA struct {
// contains filtered or unexported fields
}
func (*CA) Bundle ¶
func (ca *CA) Bundle() *spiffebundle.Bundle
func (*CA) ChildCA ¶
func (ca *CA) ChildCA(options ...CertificateOption) *CA
func (*CA) CreateJWTSVID ¶
func (*CA) CreateX509Certificate ¶
func (ca *CA) CreateX509Certificate(options ...CertificateOption) ([]*x509.Certificate, crypto.Signer)
func (*CA) CreateX509SVID ¶
func (*CA) X509Authorities ¶
func (ca *CA) X509Authorities() []*x509.Certificate
func (*CA) X509Bundle ¶
func (ca *CA) X509Bundle() *x509bundle.Bundle
type CertificateOption ¶
type CertificateOption interface {
// contains filtered or unexported methods
}
func WithIPAddresses ¶
func WithIPAddresses(ips ...net.IP) CertificateOption
func WithKeyUsage ¶
func WithKeyUsage(keyUsage x509.KeyUsage) CertificateOption
func WithLifetime ¶
func WithLifetime(notBefore, notAfter time.Time) CertificateOption
func WithSerial ¶
func WithSerial(serial *big.Int) CertificateOption
func WithSubject ¶
func WithSubject(subject pkix.Name) CertificateOption
func WithURIs ¶
func WithURIs(uris ...*url.URL) CertificateOption
type WorkloadAPI ¶
type WorkloadAPI struct {
// contains filtered or unexported fields
}
func New ¶
func New(tb testing.TB) *WorkloadAPI
func (*WorkloadAPI) Addr ¶
func (w *WorkloadAPI) Addr() string
func (*WorkloadAPI) SetJWTBundles ¶
func (w *WorkloadAPI) SetJWTBundles(jwtBundles ...*jwtbundle.Bundle)
func (*WorkloadAPI) SetJWTSVIDResponse ¶
func (w *WorkloadAPI) SetJWTSVIDResponse(r *workload.JWTSVIDResponse)
func (*WorkloadAPI) SetX509Bundles ¶
func (w *WorkloadAPI) SetX509Bundles(x509Bundles ...*x509bundle.Bundle)
func (*WorkloadAPI) SetX509SVIDResponse ¶
func (w *WorkloadAPI) SetX509SVIDResponse(r *X509SVIDResponse)
func (*WorkloadAPI) Stop ¶
func (w *WorkloadAPI) Stop()
type X509SVIDResponse ¶
type X509SVIDResponse struct { SVIDs []*x509svid.SVID Bundle *x509bundle.Bundle FederatedBundles []*x509bundle.Bundle }
func (*X509SVIDResponse) ToProto ¶
func (r *X509SVIDResponse) ToProto(tb testing.TB) *workload.X509SVIDResponse
Click to show internal directories.
Click to hide internal directories.