protobuf

package
v1.6.4 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 4, 2024 License: Apache-2.0 Imports: 17 Imported by: 2

Documentation

Overview

Package protobuf is a reverse proxy.

It translates gRPC into RESTful JSON APIs.

Index

Constants

View Source
const (
	CA_CreateSigningCertificate_FullMethodName = "/dev.sigstore.fulcio.v2.CA/CreateSigningCertificate"
	CA_GetTrustBundle_FullMethodName           = "/dev.sigstore.fulcio.v2.CA/GetTrustBundle"
	CA_GetConfiguration_FullMethodName         = "/dev.sigstore.fulcio.v2.CA/GetConfiguration"
)

Variables

View Source
var (
	PublicKeyAlgorithm_name = map[int32]string{
		0: "PUBLIC_KEY_ALGORITHM_UNSPECIFIED",
		1: "RSA_PSS",
		2: "ECDSA",
		3: "ED25519",
	}
	PublicKeyAlgorithm_value = map[string]int32{
		"PUBLIC_KEY_ALGORITHM_UNSPECIFIED": 0,
		"RSA_PSS":                          1,
		"ECDSA":                            2,
		"ED25519":                          3,
	}
)

Enum value maps for PublicKeyAlgorithm.

View Source
var CA_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "dev.sigstore.fulcio.v2.CA",
	HandlerType: (*CAServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "CreateSigningCertificate",
			Handler:    _CA_CreateSigningCertificate_Handler,
		},
		{
			MethodName: "GetTrustBundle",
			Handler:    _CA_GetTrustBundle_Handler,
		},
		{
			MethodName: "GetConfiguration",
			Handler:    _CA_GetConfiguration_Handler,
		},
	},
	Streams:  []grpc.StreamDesc{},
	Metadata: "fulcio.proto",
}

CA_ServiceDesc is the grpc.ServiceDesc for CA service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

View Source
var File_fulcio_proto protoreflect.FileDescriptor

Functions

func RegisterCAHandler

func RegisterCAHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error

RegisterCAHandler registers the http handlers for service CA to "mux". The handlers forward requests to the grpc endpoint over "conn".

func RegisterCAHandlerClient

func RegisterCAHandlerClient(ctx context.Context, mux *runtime.ServeMux, client CAClient) error

RegisterCAHandlerClient registers the http handlers for service CA to "mux". The handlers forward requests to the grpc endpoint over the given implementation of "CAClient". Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "CAClient" doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in "CAClient" to call the correct interceptors. This client ignores the HTTP middlewares.

func RegisterCAHandlerFromEndpoint

func RegisterCAHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error)

RegisterCAHandlerFromEndpoint is same as RegisterCAHandler but automatically dials to "endpoint" and closes the connection when "ctx" gets done.

func RegisterCAHandlerServer

func RegisterCAHandlerServer(ctx context.Context, mux *runtime.ServeMux, server CAServer) error

RegisterCAHandlerServer registers the http handlers for service CA to "mux". UnaryRPC :call CAServer directly. StreamingRPC :currently unsupported pending https://github.com/grpc/grpc-go/issues/906. Note that using this registration option will cause many gRPC library features to stop working. Consider using RegisterCAHandlerFromEndpoint instead. GRPC interceptors will not work for this type of registration. To use interceptors, you must use the "runtime.WithMiddlewares" option in the "runtime.NewServeMux" call.

func RegisterCAServer

func RegisterCAServer(s grpc.ServiceRegistrar, srv CAServer)

Types

type CAClient

type CAClient interface {
	// *
	// Returns an X.509 certificate created by the Fulcio certificate authority for the given request parameters
	CreateSigningCertificate(ctx context.Context, in *CreateSigningCertificateRequest, opts ...grpc.CallOption) (*SigningCertificate, error)
	// *
	// Returns the bundle of certificates that can be used to validate code signing certificates issued by this Fulcio instance
	GetTrustBundle(ctx context.Context, in *GetTrustBundleRequest, opts ...grpc.CallOption) (*TrustBundle, error)
	// *
	// Returns the configuration of supported OIDC issuers, including the required challenge for each issuer.
	GetConfiguration(ctx context.Context, in *GetConfigurationRequest, opts ...grpc.CallOption) (*Configuration, error)
}

CAClient is the client API for CA service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewCAClient

func NewCAClient(cc grpc.ClientConnInterface) CAClient

type CAServer

type CAServer interface {
	// *
	// Returns an X.509 certificate created by the Fulcio certificate authority for the given request parameters
	CreateSigningCertificate(context.Context, *CreateSigningCertificateRequest) (*SigningCertificate, error)
	// *
	// Returns the bundle of certificates that can be used to validate code signing certificates issued by this Fulcio instance
	GetTrustBundle(context.Context, *GetTrustBundleRequest) (*TrustBundle, error)
	// *
	// Returns the configuration of supported OIDC issuers, including the required challenge for each issuer.
	GetConfiguration(context.Context, *GetConfigurationRequest) (*Configuration, error)
	// contains filtered or unexported methods
}

CAServer is the server API for CA service. All implementations must embed UnimplementedCAServer for forward compatibility.

type CertificateChain

type CertificateChain struct {

	// The PEM-encoded certificate chain, ordered from leaf to intermediate to root as applicable.
	Certificates []string `protobuf:"bytes,1,rep,name=certificates,proto3" json:"certificates,omitempty"`
	// contains filtered or unexported fields
}

func (*CertificateChain) Descriptor deprecated

func (*CertificateChain) Descriptor() ([]byte, []int)

Deprecated: Use CertificateChain.ProtoReflect.Descriptor instead.

func (*CertificateChain) GetCertificates

func (x *CertificateChain) GetCertificates() []string

func (*CertificateChain) ProtoMessage

func (*CertificateChain) ProtoMessage()

func (*CertificateChain) ProtoReflect

func (x *CertificateChain) ProtoReflect() protoreflect.Message

func (*CertificateChain) Reset

func (x *CertificateChain) Reset()

func (*CertificateChain) String

func (x *CertificateChain) String() string

type Configuration added in v0.5.0

type Configuration struct {

	// The OIDC issuers supported by this Fulcio instance.
	Issuers []*OIDCIssuer `protobuf:"bytes,1,rep,name=issuers,proto3" json:"issuers,omitempty"`
	// contains filtered or unexported fields
}

The configuration for the Fulcio instance.

func (*Configuration) Descriptor deprecated added in v0.5.0

func (*Configuration) Descriptor() ([]byte, []int)

Deprecated: Use Configuration.ProtoReflect.Descriptor instead.

func (*Configuration) GetIssuers added in v0.5.0

func (x *Configuration) GetIssuers() []*OIDCIssuer

func (*Configuration) ProtoMessage added in v0.5.0

func (*Configuration) ProtoMessage()

func (*Configuration) ProtoReflect added in v0.5.0

func (x *Configuration) ProtoReflect() protoreflect.Message

func (*Configuration) Reset added in v0.5.0

func (x *Configuration) Reset()

func (*Configuration) String added in v0.5.0

func (x *Configuration) String() string

type CreateSigningCertificateRequest

type CreateSigningCertificateRequest struct {

	// Identity information about who possesses the private / public key pair presented
	Credentials *Credentials `protobuf:"bytes,1,opt,name=credentials,proto3" json:"credentials,omitempty"`
	// Types that are assignable to Key:
	//
	//	*CreateSigningCertificateRequest_PublicKeyRequest
	//	*CreateSigningCertificateRequest_CertificateSigningRequest
	Key isCreateSigningCertificateRequest_Key `protobuf_oneof:"key"`
	// contains filtered or unexported fields
}

func (*CreateSigningCertificateRequest) Descriptor deprecated

func (*CreateSigningCertificateRequest) Descriptor() ([]byte, []int)

Deprecated: Use CreateSigningCertificateRequest.ProtoReflect.Descriptor instead.

func (*CreateSigningCertificateRequest) GetCertificateSigningRequest

func (x *CreateSigningCertificateRequest) GetCertificateSigningRequest() []byte

func (*CreateSigningCertificateRequest) GetCredentials

func (x *CreateSigningCertificateRequest) GetCredentials() *Credentials

func (*CreateSigningCertificateRequest) GetKey

func (m *CreateSigningCertificateRequest) GetKey() isCreateSigningCertificateRequest_Key

func (*CreateSigningCertificateRequest) GetPublicKeyRequest

func (x *CreateSigningCertificateRequest) GetPublicKeyRequest() *PublicKeyRequest

func (*CreateSigningCertificateRequest) ProtoMessage

func (*CreateSigningCertificateRequest) ProtoMessage()

func (*CreateSigningCertificateRequest) ProtoReflect

func (*CreateSigningCertificateRequest) Reset

func (*CreateSigningCertificateRequest) String

type CreateSigningCertificateRequest_CertificateSigningRequest

type CreateSigningCertificateRequest_CertificateSigningRequest struct {
	// PKCS#10 PEM-encoded certificate signing request
	//
	// Contains the public key to be stored in the requested certificate. All other CSR fields
	// are ignored. Since the CSR is self-signed, it also acts as a proof of possession of
	// the private key.
	//
	// In particular, the CSR's subject name is not verified, or tested for
	// compatibility with its specified X.509 name type (e.g. email address).
	CertificateSigningRequest []byte `protobuf:"bytes,3,opt,name=certificate_signing_request,json=certificateSigningRequest,proto3,oneof"`
}

type CreateSigningCertificateRequest_PublicKeyRequest

type CreateSigningCertificateRequest_PublicKeyRequest struct {
	// The public key to be stored in the requested certificate along with a signed
	// challenge as proof of possession of the private key.
	PublicKeyRequest *PublicKeyRequest `protobuf:"bytes,2,opt,name=public_key_request,json=publicKeyRequest,proto3,oneof"`
}

type Credentials

type Credentials struct {

	// Types that are assignable to Credentials:
	//
	//	*Credentials_OidcIdentityToken
	Credentials isCredentials_Credentials `protobuf_oneof:"credentials"`
	// contains filtered or unexported fields
}

func (*Credentials) Descriptor deprecated

func (*Credentials) Descriptor() ([]byte, []int)

Deprecated: Use Credentials.ProtoReflect.Descriptor instead.

func (*Credentials) GetCredentials

func (m *Credentials) GetCredentials() isCredentials_Credentials

func (*Credentials) GetOidcIdentityToken

func (x *Credentials) GetOidcIdentityToken() string

func (*Credentials) ProtoMessage

func (*Credentials) ProtoMessage()

func (*Credentials) ProtoReflect

func (x *Credentials) ProtoReflect() protoreflect.Message

func (*Credentials) Reset

func (x *Credentials) Reset()

func (*Credentials) String

func (x *Credentials) String() string

type Credentials_OidcIdentityToken

type Credentials_OidcIdentityToken struct {
	// The OIDC token that identifies the caller
	OidcIdentityToken string `protobuf:"bytes,1,opt,name=oidc_identity_token,json=oidcIdentityToken,proto3,oneof"`
}

type GetConfigurationRequest added in v0.5.0

type GetConfigurationRequest struct {
	// contains filtered or unexported fields
}

This is created for forward compatibility in case we want to add fields in the future.

func (*GetConfigurationRequest) Descriptor deprecated added in v0.5.0

func (*GetConfigurationRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetConfigurationRequest.ProtoReflect.Descriptor instead.

func (*GetConfigurationRequest) ProtoMessage added in v0.5.0

func (*GetConfigurationRequest) ProtoMessage()

func (*GetConfigurationRequest) ProtoReflect added in v0.5.0

func (x *GetConfigurationRequest) ProtoReflect() protoreflect.Message

func (*GetConfigurationRequest) Reset added in v0.5.0

func (x *GetConfigurationRequest) Reset()

func (*GetConfigurationRequest) String added in v0.5.0

func (x *GetConfigurationRequest) String() string

type GetTrustBundleRequest

type GetTrustBundleRequest struct {
	// contains filtered or unexported fields
}

This is created for forward compatibility in case we want to add fields to the TrustBundle service in the future

func (*GetTrustBundleRequest) Descriptor deprecated

func (*GetTrustBundleRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetTrustBundleRequest.ProtoReflect.Descriptor instead.

func (*GetTrustBundleRequest) ProtoMessage

func (*GetTrustBundleRequest) ProtoMessage()

func (*GetTrustBundleRequest) ProtoReflect

func (x *GetTrustBundleRequest) ProtoReflect() protoreflect.Message

func (*GetTrustBundleRequest) Reset

func (x *GetTrustBundleRequest) Reset()

func (*GetTrustBundleRequest) String

func (x *GetTrustBundleRequest) String() string

type OIDCIssuer added in v0.5.0

type OIDCIssuer struct {

	// Types that are assignable to Issuer:
	//
	//	*OIDCIssuer_IssuerUrl
	//	*OIDCIssuer_WildcardIssuerUrl
	Issuer isOIDCIssuer_Issuer `protobuf_oneof:"issuer"`
	// The expected audience of the OIDC token for the issuer.
	Audience string `protobuf:"bytes,3,opt,name=audience,proto3" json:"audience,omitempty"`
	// The OIDC claim that must be signed for a proof of possession challenge.
	ChallengeClaim string `protobuf:"bytes,4,opt,name=challenge_claim,json=challengeClaim,proto3" json:"challenge_claim,omitempty"`
	// The expected SPIFFE trust domain. Only present when the OIDC issuer issues tokens for SPIFFE identities.
	SpiffeTrustDomain string `protobuf:"bytes,5,opt,name=spiffe_trust_domain,json=spiffeTrustDomain,proto3" json:"spiffe_trust_domain,omitempty"`
	// contains filtered or unexported fields
}

Metadata about an OIDC issuer.

func (*OIDCIssuer) Descriptor deprecated added in v0.5.0

func (*OIDCIssuer) Descriptor() ([]byte, []int)

Deprecated: Use OIDCIssuer.ProtoReflect.Descriptor instead.

func (*OIDCIssuer) GetAudience added in v0.5.0

func (x *OIDCIssuer) GetAudience() string

func (*OIDCIssuer) GetChallengeClaim added in v0.5.0

func (x *OIDCIssuer) GetChallengeClaim() string

func (*OIDCIssuer) GetIssuer added in v0.5.0

func (m *OIDCIssuer) GetIssuer() isOIDCIssuer_Issuer

func (*OIDCIssuer) GetIssuerUrl added in v0.5.0

func (x *OIDCIssuer) GetIssuerUrl() string

func (*OIDCIssuer) GetSpiffeTrustDomain added in v0.5.0

func (x *OIDCIssuer) GetSpiffeTrustDomain() string

func (*OIDCIssuer) GetWildcardIssuerUrl added in v0.5.0

func (x *OIDCIssuer) GetWildcardIssuerUrl() string

func (*OIDCIssuer) ProtoMessage added in v0.5.0

func (*OIDCIssuer) ProtoMessage()

func (*OIDCIssuer) ProtoReflect added in v0.5.0

func (x *OIDCIssuer) ProtoReflect() protoreflect.Message

func (*OIDCIssuer) Reset added in v0.5.0

func (x *OIDCIssuer) Reset()

func (*OIDCIssuer) String added in v0.5.0

func (x *OIDCIssuer) String() string

type OIDCIssuer_IssuerUrl added in v0.5.0

type OIDCIssuer_IssuerUrl struct {
	// The URL of the OIDC issuer.
	IssuerUrl string `protobuf:"bytes,1,opt,name=issuer_url,json=issuerUrl,proto3,oneof"`
}

type OIDCIssuer_WildcardIssuerUrl added in v0.5.0

type OIDCIssuer_WildcardIssuerUrl struct {
	// The URL of wildcard OIDC issuer, e.g. "https://oidc.eks.*.amazonaws.com/id/*".
	// When comparing the issuer, the wildcards will be replaced by "[-_a-zA-Z0-9]+".
	WildcardIssuerUrl string `protobuf:"bytes,2,opt,name=wildcard_issuer_url,json=wildcardIssuerUrl,proto3,oneof"`
}

type PublicKey

type PublicKey struct {

	// The cryptographic algorithm to use with the key material
	Algorithm PublicKeyAlgorithm `protobuf:"varint,1,opt,name=algorithm,proto3,enum=dev.sigstore.fulcio.v2.PublicKeyAlgorithm" json:"algorithm,omitempty"`
	// PKIX, ASN.1 DER or PEM-encoded public key. PEM is typically
	// of type PUBLIC KEY.
	Content string `protobuf:"bytes,2,opt,name=content,proto3" json:"content,omitempty"`
	// contains filtered or unexported fields
}

func (*PublicKey) Descriptor deprecated

func (*PublicKey) Descriptor() ([]byte, []int)

Deprecated: Use PublicKey.ProtoReflect.Descriptor instead.

func (*PublicKey) GetAlgorithm

func (x *PublicKey) GetAlgorithm() PublicKeyAlgorithm

func (*PublicKey) GetContent

func (x *PublicKey) GetContent() string

func (*PublicKey) ProtoMessage

func (*PublicKey) ProtoMessage()

func (*PublicKey) ProtoReflect

func (x *PublicKey) ProtoReflect() protoreflect.Message

func (*PublicKey) Reset

func (x *PublicKey) Reset()

func (*PublicKey) String

func (x *PublicKey) String() string

type PublicKeyAlgorithm

type PublicKeyAlgorithm int32
const (
	PublicKeyAlgorithm_PUBLIC_KEY_ALGORITHM_UNSPECIFIED PublicKeyAlgorithm = 0
	PublicKeyAlgorithm_RSA_PSS                          PublicKeyAlgorithm = 1
	PublicKeyAlgorithm_ECDSA                            PublicKeyAlgorithm = 2
	PublicKeyAlgorithm_ED25519                          PublicKeyAlgorithm = 3
)

func (PublicKeyAlgorithm) Descriptor

func (PublicKeyAlgorithm) Enum

func (PublicKeyAlgorithm) EnumDescriptor deprecated

func (PublicKeyAlgorithm) EnumDescriptor() ([]byte, []int)

Deprecated: Use PublicKeyAlgorithm.Descriptor instead.

func (PublicKeyAlgorithm) Number

func (PublicKeyAlgorithm) String

func (x PublicKeyAlgorithm) String() string

func (PublicKeyAlgorithm) Type

type PublicKeyRequest

type PublicKeyRequest struct {

	// The public key to be stored in the requested certificate
	PublicKey *PublicKey `protobuf:"bytes,1,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
	// Proof that the client possesses the private key; must be verifiable by provided public key
	//
	// This is a currently a signature over the `sub` claim from the OIDC identity token
	ProofOfPossession []byte `protobuf:"bytes,2,opt,name=proof_of_possession,json=proofOfPossession,proto3" json:"proof_of_possession,omitempty"`
	// contains filtered or unexported fields
}

func (*PublicKeyRequest) Descriptor deprecated

func (*PublicKeyRequest) Descriptor() ([]byte, []int)

Deprecated: Use PublicKeyRequest.ProtoReflect.Descriptor instead.

func (*PublicKeyRequest) GetProofOfPossession

func (x *PublicKeyRequest) GetProofOfPossession() []byte

func (*PublicKeyRequest) GetPublicKey

func (x *PublicKeyRequest) GetPublicKey() *PublicKey

func (*PublicKeyRequest) ProtoMessage

func (*PublicKeyRequest) ProtoMessage()

func (*PublicKeyRequest) ProtoReflect

func (x *PublicKeyRequest) ProtoReflect() protoreflect.Message

func (*PublicKeyRequest) Reset

func (x *PublicKeyRequest) Reset()

func (*PublicKeyRequest) String

func (x *PublicKeyRequest) String() string

type SigningCertificate

type SigningCertificate struct {

	// Types that are assignable to Certificate:
	//
	//	*SigningCertificate_SignedCertificateDetachedSct
	//	*SigningCertificate_SignedCertificateEmbeddedSct
	Certificate isSigningCertificate_Certificate `protobuf_oneof:"certificate"`
	// contains filtered or unexported fields
}

func (*SigningCertificate) Descriptor deprecated

func (*SigningCertificate) Descriptor() ([]byte, []int)

Deprecated: Use SigningCertificate.ProtoReflect.Descriptor instead.

func (*SigningCertificate) GetCertificate

func (m *SigningCertificate) GetCertificate() isSigningCertificate_Certificate

func (*SigningCertificate) GetSignedCertificateDetachedSct

func (x *SigningCertificate) GetSignedCertificateDetachedSct() *SigningCertificateDetachedSCT

func (*SigningCertificate) GetSignedCertificateEmbeddedSct

func (x *SigningCertificate) GetSignedCertificateEmbeddedSct() *SigningCertificateEmbeddedSCT

func (*SigningCertificate) ProtoMessage

func (*SigningCertificate) ProtoMessage()

func (*SigningCertificate) ProtoReflect

func (x *SigningCertificate) ProtoReflect() protoreflect.Message

func (*SigningCertificate) Reset

func (x *SigningCertificate) Reset()

func (*SigningCertificate) String

func (x *SigningCertificate) String() string

type SigningCertificateDetachedSCT

type SigningCertificateDetachedSCT struct {

	// The certificate chain serialized with the leaf certificate first, followed
	// by all intermediate certificates (if present), finishing with the root certificate.
	//
	// All values are PEM-encoded certificates.
	Chain *CertificateChain `protobuf:"bytes,1,opt,name=chain,proto3" json:"chain,omitempty"`
	// The Signed Certificate Timestamp (SCT) is a promise for including the certificate in
	// a certificate transparency log. It can be "stapled" to verify the inclusion of
	// a certificate in the log in an offline fashion.
	//
	// The SCT format is an AddChainResponse struct, defined in
	// https://github.com/google/certificate-transparency-go
	SignedCertificateTimestamp []byte `` /* 141-byte string literal not displayed */
	// contains filtered or unexported fields
}

(-- api-linter: core::0142::time-field-type=disabled

aip.dev/not-precedent: SCT is defined in RFC6962 and we keep the name consistent for easier understanding. --)

func (*SigningCertificateDetachedSCT) Descriptor deprecated

func (*SigningCertificateDetachedSCT) Descriptor() ([]byte, []int)

Deprecated: Use SigningCertificateDetachedSCT.ProtoReflect.Descriptor instead.

func (*SigningCertificateDetachedSCT) GetChain

func (*SigningCertificateDetachedSCT) GetSignedCertificateTimestamp

func (x *SigningCertificateDetachedSCT) GetSignedCertificateTimestamp() []byte

func (*SigningCertificateDetachedSCT) ProtoMessage

func (*SigningCertificateDetachedSCT) ProtoMessage()

func (*SigningCertificateDetachedSCT) ProtoReflect

func (*SigningCertificateDetachedSCT) Reset

func (x *SigningCertificateDetachedSCT) Reset()

func (*SigningCertificateDetachedSCT) String

type SigningCertificateEmbeddedSCT

type SigningCertificateEmbeddedSCT struct {

	// The certificate chain serialized with the leaf certificate first, followed
	// by all intermediate certificates (if present), finishing with the root certificate.
	//
	// All values are PEM-encoded certificates.
	//
	// The leaf certificate contains an embedded Signed Certificate Timestamp (SCT) to
	// verify inclusion of the certificate in a log. The SCT format is a SignedCertificateTimestampList,
	// as defined in https://datatracker.ietf.org/doc/html/rfc6962#section-3.3
	Chain *CertificateChain `protobuf:"bytes,1,opt,name=chain,proto3" json:"chain,omitempty"`
	// contains filtered or unexported fields
}

func (*SigningCertificateEmbeddedSCT) Descriptor deprecated

func (*SigningCertificateEmbeddedSCT) Descriptor() ([]byte, []int)

Deprecated: Use SigningCertificateEmbeddedSCT.ProtoReflect.Descriptor instead.

func (*SigningCertificateEmbeddedSCT) GetChain

func (*SigningCertificateEmbeddedSCT) ProtoMessage

func (*SigningCertificateEmbeddedSCT) ProtoMessage()

func (*SigningCertificateEmbeddedSCT) ProtoReflect

func (*SigningCertificateEmbeddedSCT) Reset

func (x *SigningCertificateEmbeddedSCT) Reset()

func (*SigningCertificateEmbeddedSCT) String

type SigningCertificate_SignedCertificateDetachedSct

type SigningCertificate_SignedCertificateDetachedSct struct {
	SignedCertificateDetachedSct *SigningCertificateDetachedSCT `protobuf:"bytes,1,opt,name=signed_certificate_detached_sct,json=signedCertificateDetachedSct,proto3,oneof"`
}

type SigningCertificate_SignedCertificateEmbeddedSct

type SigningCertificate_SignedCertificateEmbeddedSct struct {
	SignedCertificateEmbeddedSct *SigningCertificateEmbeddedSCT `protobuf:"bytes,2,opt,name=signed_certificate_embedded_sct,json=signedCertificateEmbeddedSct,proto3,oneof"`
}

type TrustBundle

type TrustBundle struct {

	// The set of PEM-encoded certificate chains for this Fulcio instance; each chain will start with any
	// intermediate certificates (if present), finishing with the root certificate.
	Chains []*CertificateChain `protobuf:"bytes,1,rep,name=chains,proto3" json:"chains,omitempty"`
	// contains filtered or unexported fields
}

func (*TrustBundle) Descriptor deprecated

func (*TrustBundle) Descriptor() ([]byte, []int)

Deprecated: Use TrustBundle.ProtoReflect.Descriptor instead.

func (*TrustBundle) GetChains

func (x *TrustBundle) GetChains() []*CertificateChain

func (*TrustBundle) ProtoMessage

func (*TrustBundle) ProtoMessage()

func (*TrustBundle) ProtoReflect

func (x *TrustBundle) ProtoReflect() protoreflect.Message

func (*TrustBundle) Reset

func (x *TrustBundle) Reset()

func (*TrustBundle) String

func (x *TrustBundle) String() string

type UnimplementedCAServer

type UnimplementedCAServer struct{}

UnimplementedCAServer must be embedded to have forward compatible implementations.

NOTE: this should be embedded by value instead of pointer to avoid a nil pointer dereference when methods are called.

func (UnimplementedCAServer) CreateSigningCertificate

func (UnimplementedCAServer) GetConfiguration added in v0.5.0

func (UnimplementedCAServer) GetTrustBundle

type UnsafeCAServer

type UnsafeCAServer interface {
	// contains filtered or unexported methods
}

UnsafeCAServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to CAServer will result in compilation errors.

Directories

Path Synopsis
Package legacy is a reverse proxy.
Package legacy is a reverse proxy.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL