x509bundle

package

v2.0.0-alpha.1 Latest Latest Go to latest Published: Apr 22, 2020 License: Apache-2.0 Imports: 9 Imported by: 37

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/spiffe/go-spiffe

Documentation ¶

Index ¶

type Bundle
type Set
- func NewSet(bundles ...*Bundle) *Set
type Source

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Bundle ¶

type Bundle struct {
	// contains filtered or unexported fields
}

Bundle is a collection of trusted X.509 roots for a trust domain.

func FromX509Roots ¶

func FromX509Roots(trustDomain spiffeid.TrustDomain, roots []*x509.Certificate) *Bundle

FromX509Roots creates a bundle from X.509 certificates.

func Load ¶

func Load(trustDomain spiffeid.TrustDomain, path string) (*Bundle, error)

Load loads a bundle from a file on disk.

func New ¶

func New(trustDomain spiffeid.TrustDomain) *Bundle

New creates a new bundle.

func Parse ¶

func Parse(trustDomain spiffeid.TrustDomain, b []byte) (*Bundle, error)

Parse parses a bundle from bytes.

func Read ¶

func Read(trustDomain spiffeid.TrustDomain, r io.Reader) (*Bundle, error)

Read decodes a bundle from a reader.

func (*Bundle) AddX509Root ¶

func (b *Bundle) AddX509Root(root *x509.Certificate)

AddX509Root adds an X.509 root to the bundle. If the root already exists in the bundle, the contents of the bundle will remain unchanged.

func (*Bundle) Empty ¶

func (b *Bundle) Empty() bool

Empty returns true if the bundle has no X.509 roots.

func (*Bundle) GetX509BundleForTrustDomain ¶

func (b *Bundle) GetX509BundleForTrustDomain(trustDomain spiffeid.TrustDomain) (*Bundle, error)

GetX509BundleForTrustDomain returns the X.509 bundle for the given trust domain. It implements the Source interface. An error will be returned if the trust domain does not match that of the bundle.

func (*Bundle) HasX509Root ¶

func (b *Bundle) HasX509Root(root *x509.Certificate) bool

HasX509Root checks if the given X.509 root exists in the bundle.

func (*Bundle) Marshal ¶

func (b *Bundle) Marshal() ([]byte, error)

Marshal marshals the X.509 bundle into PEM-encoded certificate blocks.

func (*Bundle) RemoveX509Root ¶

func (b *Bundle) RemoveX509Root(root *x509.Certificate)

RemoveX509Root removes an X.509 root from the bundle.

func (*Bundle) SetX509Roots ¶

func (b *Bundle) SetX509Roots(roots []*x509.Certificate)

SetX509Roots sets the X.509 roots in the bundle.

func (*Bundle) TrustDomain ¶

func (b *Bundle) TrustDomain() spiffeid.TrustDomain

TrustDomain returns the trust domain that the bundle belongs to.

func (*Bundle) X509Roots ¶

func (b *Bundle) X509Roots() []*x509.Certificate

X509Roots returns the X.509 roots in the bundle.

type Set ¶

type Set struct {
	// contains filtered or unexported fields
}

Set is a set of bundles, keyed by trust domain.

func NewSet ¶

func NewSet(bundles ...*Bundle) *Set

NewSet creates a new set initialized with the given bundles.

func (*Set) Add ¶

func (s *Set) Add(bundle *Bundle)

Add adds a new bundle into the set. If a bundle already exists for the trust domain, the existing bundle is replaced.

func (*Set) Bundles ¶

func (s *Set) Bundles() []*Bundle

Bundles returns the bundles in the set sorted by trust domain.

func (*Set) Get ¶

func (s *Set) Get(trustDomain spiffeid.TrustDomain) (*Bundle, bool)

Get returns a bundle for the given trust domain. If the bundle is in the set it is returned and the boolean is true. Otherwise, the returned value is nil and the boolean is false.

func (*Set) GetX509BundleForTrustDomain ¶

func (s *Set) GetX509BundleForTrustDomain(trustDomain spiffeid.TrustDomain) (*Bundle, error)

GetX509BundleForTrustDomain returns the X.509 bundle for the given trust domain. It implements the Source interface.

func (*Set) Has ¶

func (s *Set) Has(trustDomain spiffeid.TrustDomain) bool

Has returns true if there is a bundle for the given trust domain.

func (*Set) Len ¶

func (s *Set) Len() int

Len returns the number of bundles in the set.

func (*Set) Remove ¶

func (s *Set) Remove(trustDomain spiffeid.TrustDomain)

Remove removes the bundle for the given trust domain.

type Source ¶

type Source interface {
	// GetX509BundleForTrustDomain returns the X.509 bundle for the given trust
	// domain.
	GetX509BundleForTrustDomain(trustDomain spiffeid.TrustDomain) (*Bundle, error)
}

Source represents a source of X.509 bundles keyed by trust domain.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL