Documentation ¶
Overview ¶
Package certificate is responsible for managing certificate signing operations on peer identities' certificate chains.
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // Error is the default error class for the certificates peer. Error = errs.Class("certificates peer error") )
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct { Identity identity.Config Server server.Config Signer identity.FullCAConfig AuthorizationDB authorization.DBConfig AuthorizationAddr string `default:"127.0.0.1:9000" help:"address for authorization http proxy to listen on"` MinDifficulty uint `default:"30" help:"minimum difficulty of the requester's identity required to claim an authorization"` }
Config is the global certificates config.
type Endpoint ¶
type Endpoint struct {
// contains filtered or unexported fields
}
Endpoint implements pb.CertificatesServer.
func NewEndpoint ¶
func NewEndpoint(log *zap.Logger, ca *identity.FullCertificateAuthority, authorizationDB *authorization.DB, minDifficulty uint16) *Endpoint
NewEndpoint creates a new certificate signing gRPC server.
func (Endpoint) Sign ¶
func (endpoint Endpoint) Sign(ctx context.Context, req *pb.SigningRequest) (_ *pb.SigningResponse, err error)
Sign signs the CA certificate of the remote peer's identity with the `certs.ca` certificate. Returns a certificate chain consisting of the remote peer's CA followed by the CA chain.
type Peer ¶
type Peer struct { // core dependencies Log *zap.Logger Identity *identity.FullIdentity Server *server.Server AuthorizationDB *authorization.DB // services and endpoints Certificate struct { Endpoint *Endpoint } Authorization struct { Listener net.Listener Service *authorization.Service Endpoint *authorization.Endpoint } }
Peer is the certificates server.
func New ¶
func New(log *zap.Logger, ident *identity.FullIdentity, ca *identity.FullCertificateAuthority, authorizationDB *authorization.DB, revocationDB *revocation.DB, config *Config) (*Peer, error)
New creates a new certificates peer.
Directories ¶
Path | Synopsis |
---|---|
Package authorization is used for managing one-time-use certificate-signing- authorizations and claims.
|
Package authorization is used for managing one-time-use certificate-signing- authorizations and claims. |
Package certificateclient contains the client for the certificate endpoint.
|
Package certificateclient contains the client for the certificate endpoint. |
Click to show internal directories.
Click to hide internal directories.