package universal

cfssl – github.com/cloudflare/cfssl/signer/universal Index | Files

package universal

import "github.com/cloudflare/cfssl/signer/universal"

Package universal implements a signer that can do remote or local

Index ¶

func NewSigner(root Root, policy *config.Signing) (signer.Signer, error)
func PrependLocalSignerToList(signer localSignerCheck)
type Root
type Signer

func (s *Signer) GetDBAccessor() certdb.Accessor
func (s *Signer) Info(req info.Req) (resp *info.Resp, err error)
func (s *Signer) Policy() *config.Signing
func (s *Signer) SetDBAccessor(dba certdb.Accessor)
func (s *Signer) SetPolicy(policy *config.Signing)
func (s *Signer) SetReqModifier(mod func(*http.Request, []byte))
func (s *Signer) SigAlgo() x509.SignatureAlgorithm
func (s *Signer) Sign(req signer.SignRequest) (cert []byte, err error)

Functions ¶

func NewSigner ¶

func NewSigner(root Root, policy *config.Signing) (signer.Signer, error)

NewSigner generates a new certificate signer from a Root structure. This is one of two standard signers: local or remote. If the root structure specifies a force remote, then a remote signer is created, otherwise either a remote or local signer is generated based on the policy. For a local signer, the CertFile and KeyFile need to be defined in Root.

func PrependLocalSignerToList ¶

func PrependLocalSignerToList(signer localSignerCheck)

PrependLocalSignerToList prepends signer to the local signer's list

Types ¶

type Root ¶

type Root struct {
	Config      map[string]string
	ForceRemote bool
}

Root is used to define where the universal signer gets its public certificate and private keys for signing.

type Signer ¶

type Signer struct {
	// contains filtered or unexported fields
}

Signer represents a universal signer which is both local and remote to fulfill the signer.Signer interface.

func (*Signer) GetDBAccessor ¶

func (s *Signer) GetDBAccessor() certdb.Accessor

GetDBAccessor returns the signer's cert db accessor.

func (*Signer) Info ¶

func (s *Signer) Info(req info.Req) (resp *info.Resp, err error)

Info sends an info request to the remote or local CFSSL server receiving an Resp struct or an error in response.

func (*Signer) Policy ¶

func (s *Signer) Policy() *config.Signing

Policy returns the signer's policy.

func (*Signer) SetDBAccessor ¶

func (s *Signer) SetDBAccessor(dba certdb.Accessor)

SetDBAccessor sets the signer's cert db accessor.

func (*Signer) SetPolicy ¶

func (s *Signer) SetPolicy(policy *config.Signing)

SetPolicy sets the signer's signature policy.

func (*Signer) SetReqModifier ¶

func (s *Signer) SetReqModifier(mod func(*http.Request, []byte))

SetReqModifier sets the function to call to modify the HTTP request prior to sending it

func (*Signer) SigAlgo ¶

func (s *Signer) SigAlgo() x509.SignatureAlgorithm

SigAlgo returns the RSA signer's signature algorithm.

func (*Signer) Sign ¶

func (s *Signer) Sign(req signer.SignRequest) (cert []byte, err error)

Sign sends a signature request to either the remote or local signer, receiving a signed certificate or an error in response.

Source Files ¶

universal.go

Version: v1.6.5 (latest)
Published: Mar 5, 2024
Platform: linux/amd64
Imports: 9 packages
Last checked: 3 weeks ago –

Tools for package owners.

?	: This menu
/	: Search site
f	: Jump to identifier
g then g	: Go to top of page
g then b	: Go to end of page
G	: Go to end of page
g then i	: Go to index
g then e	: Go to examples