certificate

package
v1.89.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 29, 2023 License: AGPL-3.0 Imports: 16 Imported by: 0

Documentation

Overview

Package certificate is responsible for managing certificate signing operations on peer identities' certificate chains.

Index

Constants

This section is empty.

Variables

View Source 
var (

	// Error is the default error class for the certificates peer.
	Error = errs.Class("certificate")
)

Functions

This section is empty.

Types

type Config 

type Config struct {
	Identity identity.Config
	Server   server.Config

	Signer            identity.FullCAConfig
	AuthorizationDB   authorization.DBConfig
	AuthorizationAddr string `default:"127.0.0.1:9000" help:"address for authorization http proxy to listen on"`

	MinDifficulty uint `default:"36" help:"minimum difficulty of the requester's identity required to claim an authorization"`
}

Config is the global certificates config.

type Endpoint 

type Endpoint struct {
	certificatepb.DRPCCertificatesUnimplementedServer
	// contains filtered or unexported fields
}

Endpoint implements pb.CertificatesServer.

func NewEndpoint 

func NewEndpoint(log *zap.Logger, ca *identity.FullCertificateAuthority, authorizationDB *authorization.DB, minDifficulty uint16) *Endpoint

NewEndpoint creates a new certificate signing server.

func (Endpoint) Sign 

func (endpoint Endpoint) Sign(ctx context.Context, req *certificatepb.SigningRequest) (_ *certificatepb.SigningResponse, err error)

Sign signs the CA certificate of the remote peer's identity with the `certs.ca` certificate. Returns a certificate chain consisting of the remote peer's CA followed by the CA chain.

type Peer 

type Peer struct {
	// core dependencies
	Log      *zap.Logger
	Identity *identity.FullIdentity

	Server          *server.Server
	AuthorizationDB *authorization.DB

	// services and endpoints
	Certificate struct {
		Endpoint *Endpoint
	}

	Authorization struct {
		Listener net.Listener
		Service  *authorization.Service
		Endpoint *authorization.Endpoint
	}
}

Peer is the certificates server.

func New 

func New(log *zap.Logger, ident *identity.FullIdentity, ca *identity.FullCertificateAuthority, authorizationDB *authorization.DB, revocationDB *revocation.DB, config *Config) (*Peer, error)

New creates a new certificates peer.

func (*Peer) Close 

func (peer *Peer) Close() error

Close closes all resources.

func (*Peer) Run 

func (peer *Peer) Run(ctx context.Context) (err error)

Run runs the certificates peer until it's either closed or it errors.

Source Files

View all Source files

Directories

Path Synopsis
Package authorization is used for managing one-time-use certificate-signing- authorizations and claims.
 Package authorization is used for managing one-time-use certificate-signing- authorizations and claims.
Package certificateclient contains the client for the certificate endpoint.
 Package certificateclient contains the client for the certificate endpoint.
Package certificatepb contains protobuf definitions for certificate signing.
 Package certificatepb contains protobuf definitions for certificate signing.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.