Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type CAServiceClient
type CAServiceClient interface {
	PostCertificateRenewal(
		ctx context.Context,
		isd int,
		as api.AS,
		body api.PostCertificateRenewalJSONRequestBody,
		reqEditors ...api.RequestEditorFn,
	) (*http.Response, error)
}
CAServiceClient is the minimal interface that is needed from go/pkg/ca/api:ClientWithResponsesInterface.
type CMS
type CMS struct {
	Verifier     RenewalRequestVerifier
	ChainBuilder ChainBuilder
	IA           addr.IA

	// Metrics contains the counters. It is safe to pass nil-counters.
	Metrics CMSHandlerMetrics
}
CMS handles CMS requests.
func (CMS) HandleCMSRequest
func (s CMS) HandleCMSRequest(
	ctx context.Context,
	req *cppb.ChainRenewalRequest,
) ([]*x509.Certificate, error)
HandleCMSRequest handles a request with CMS signature.
type CMSHandlerMetrics
type CMSHandlerMetrics struct {
	Success       metrics.Counter
	DatabaseError metrics.Counter
	InternalError metrics.Counter
	NotFoundError metrics.Counter
	ParseError    metrics.Counter
	VerifyError   metrics.Counter
}
CMSHandlerMetrics contains the counters for the CMSHandler.
type CMSRequestHandler
type CMSRequestHandler interface {
	HandleCMSRequest(context.Context, *cppb.ChainRenewalRequest) ([]*x509.Certificate, error)
}
CMSRequestHandler handles CMS requests.
type ChainBuilder
type ChainBuilder interface {
	CreateChain(context.Context, *x509.CertificateRequest) ([]*x509.Certificate, error)
}
ChainBuilder creates a chain for the given CSR.
type DelegatingHandler
type DelegatingHandler struct {
	Client CAServiceClient

	// Metrics contains the counters. It is safe to pass nil-counters.
	Metrics DelegatingHandlerMetrics
}
DelegatingHandler delegates requests to the CA service.
func (*DelegatingHandler) HandleCMSRequest
func (h *DelegatingHandler) HandleCMSRequest(
	ctx context.Context,
	req *cppb.ChainRenewalRequest,
) ([]*x509.Certificate, error)
HandleCMSRequest handles a certificate renewal request that was signed with CMS by delegating it to the CA Service.
type DelegatingHandlerMetrics
type DelegatingHandlerMetrics struct {
	BadRequests   metrics.Counter
	InternalError metrics.Counter
	Success       metrics.Counter
}
DelegatingHandlerMetrics contains the counters for the DelegatingHandler.
type LegacyRequestHandler
type LegacyRequestHandler interface {
	HandleLegacyRequest(context.Context, *cppb.ChainRenewalRequest) (*cppb.ChainRenewalResponse, error)
}
LegacyRequestHandler handles legacy requests.
type RenewalRequestVerifier
type RenewalRequestVerifier interface {
	VerifyPbSignedRenewalRequest(context.Context, *cryptopb.SignedMessage,
		[][]*x509.Certificate) (*x509.CertificateRequest, error)
	VerifyCMSSignedRenewalRequest(context.Context, []byte) (*x509.CertificateRequest, error)
}
RenewalRequestVerifier verifies the incoming chain renewal request.
type RenewalServer
type RenewalServer struct {
	IA            addr.IA
	LegacyHandler LegacyRequestHandler
	CMSHandler    CMSRequestHandler
	CMSSigner     CMSSigner

	// Metrics contains the counters. Different errors are different counters.
	Metrics RenewalServerMetrics
}
RenewalServer serves trust material for gRPC requests.
func (RenewalServer) ChainRenewal
func (s RenewalServer) ChainRenewal(
	ctx context.Context,
	req *cppb.ChainRenewalRequest,
) (*cppb.ChainRenewalResponse, error)