package native

teleport – github.com/gravitational/teleport/lib/auth/native Index | Files

import "github.com/gravitational/teleport/lib/auth/native"

Index ¶

Variables
func BuildPrincipals(hostID string, nodeName string, clusterName string, roles teleport.Roles) []string
func GenerateKeyPair(passphrase string) ([]byte, []byte, error)
type Keygen

func New(opts ...KeygenOption) (*Keygen, error)
func (k *Keygen) Close()
func (k *Keygen) GenerateHostCert(c services.HostCertParams) ([]byte, error)
func (k *Keygen) GenerateKeyPair(passphrase string) ([]byte, []byte, error)
func (k *Keygen) GenerateUserCert(c services.UserCertParams) ([]byte, error)
func (k *Keygen) GetNewKeyPairFromPool() ([]byte, []byte, error)

type KeygenOption

func PrecomputeKeys(count int) KeygenOption

Variables ¶

var PrecomputedNum = 25

PrecomputedNum is the number of keys to precompute and keep cached.

Functions ¶

func BuildPrincipals ¶

func BuildPrincipals(hostID string, nodeName string, clusterName string, roles teleport.Roles) []string

BuildPrincipals takes a hostID, nodeName, clusterName, and role and builds a list of principals to insert into a certificate. This function is backward compatible with older clients which means:

If RoleAdmin is in the list of roles, only a single principal is returned: hostID
If nodename is empty, it is not included in the list of principals.

func GenerateKeyPair ¶

func GenerateKeyPair(passphrase string) ([]byte, []byte, error)

GenerateKeyPair returns fresh priv/pub keypair, takes about 300ms to execute.

Types ¶

type Keygen ¶

type Keygen struct {
	// contains filtered or unexported fields
}

keygen is a key generator that precomputes keys to provide quick access to public/private key pairs.

func New ¶

func New(opts ...KeygenOption) (*Keygen, error)

New returns a new key generator.

func (*Keygen) Close ¶

func (k *Keygen) Close()

Close stops the precomputation of keys (if enabled) and releases all resources.

func (*Keygen) GenerateHostCert ¶

func (k *Keygen) GenerateHostCert(c services.HostCertParams) ([]byte, error)

GenerateHostCert generates a host certificate with the passed in parameters. The private key of the CA to sign the certificate must be provided.

func (*Keygen) GenerateKeyPair ¶

func (k *Keygen) GenerateKeyPair(passphrase string) ([]byte, []byte, error)

GenerateKeyPair returns fresh priv/pub keypair, takes about 300ms to execute.

func (*Keygen) GenerateUserCert ¶

func (k *Keygen) GenerateUserCert(c services.UserCertParams) ([]byte, error)

GenerateUserCert generates a host certificate with the passed in parameters. The private key of the CA to sign the certificate must be provided.

func (*Keygen) GetNewKeyPairFromPool ¶

func (k *Keygen) GetNewKeyPairFromPool() ([]byte, []byte, error)

GetNewKeyPairFromPool returns precomputed key pair from the pool.

type KeygenOption ¶

type KeygenOption func(k *Keygen) error

KeygenOption is a functional optional argument for key generator

func PrecomputeKeys ¶

func PrecomputeKeys(count int) KeygenOption

PrecomputeKeys sets up a number of private keys to pre-compute in background, 0 disables the process

Source Files ¶

native.go

Version: v3.2.17+incompatible (latest)
Published: Feb 4, 2021
Platform: linux/amd64
Imports: 15 packages
Last checked: 3 weeks ago –

Tools for package owners.

?	: This menu
/	: Search site
f	: Jump to identifier
g then g	: Go to top of page
g then b	: Go to end of page
G	: Go to end of page
g then i	: Go to index
g then e	: Go to examples