package x509bundle

v2 – github.com/spiffe/go-spiffe/v2/bundle/x509bundle Index | Files

import "github.com/spiffe/go-spiffe/v2/bundle/x509bundle"

Index ¶

type Bundle

func FromX509Authorities(trustDomain spiffeid.TrustDomain, authorities []*x509.Certificate) *Bundle
func Load(trustDomain spiffeid.TrustDomain, path string) (*Bundle, error)
func New(trustDomain spiffeid.TrustDomain) *Bundle
func Parse(trustDomain spiffeid.TrustDomain, b []byte) (*Bundle, error)
func Read(trustDomain spiffeid.TrustDomain, r io.Reader) (*Bundle, error)
func (b *Bundle) AddX509Authority(x509Authority *x509.Certificate)
func (b *Bundle) Empty() bool
func (b *Bundle) GetX509BundleForTrustDomain(trustDomain spiffeid.TrustDomain) (*Bundle, error)
func (b *Bundle) HasX509Authority(x509Authority *x509.Certificate) bool
func (b *Bundle) Marshal() ([]byte, error)
func (b *Bundle) RemoveX509Authority(x509Authority *x509.Certificate)
func (b *Bundle) SetX509Authorities(x509Authorities []*x509.Certificate)
func (b *Bundle) TrustDomain() spiffeid.TrustDomain
func (b *Bundle) X509Authorities() []*x509.Certificate

type Set

func NewSet(bundles ...*Bundle) *Set
func (s *Set) Add(bundle *Bundle)
func (s *Set) Bundles() []*Bundle
func (s *Set) Get(trustDomain spiffeid.TrustDomain) (*Bundle, bool)
func (s *Set) GetX509BundleForTrustDomain(trustDomain spiffeid.TrustDomain) (*Bundle, error)
func (s *Set) Has(trustDomain spiffeid.TrustDomain) bool
func (s *Set) Len() int
func (s *Set) Remove(trustDomain spiffeid.TrustDomain)

type Source

Types ¶

type Bundle ¶

type Bundle struct {
	// contains filtered or unexported fields
}

Bundle is a collection of trusted X.509 authorities for a trust domain.

func FromX509Authorities ¶

func FromX509Authorities(trustDomain spiffeid.TrustDomain, authorities []*x509.Certificate) *Bundle

FromX509Authorities creates a bundle from X.509 certificates.

func Load ¶

func Load(trustDomain spiffeid.TrustDomain, path string) (*Bundle, error)

Load loads a bundle from a file on disk.

func New ¶

func New(trustDomain spiffeid.TrustDomain) *Bundle

New creates a new bundle.

func Parse ¶

func Parse(trustDomain spiffeid.TrustDomain, b []byte) (*Bundle, error)

Parse parses a bundle from bytes.

func Read ¶

func Read(trustDomain spiffeid.TrustDomain, r io.Reader) (*Bundle, error)

Read decodes a bundle from a reader.

func (*Bundle) AddX509Authority ¶

func (b *Bundle) AddX509Authority(x509Authority *x509.Certificate)

AddX509Authority adds an X.509 authority to the bundle. If the authority already exists in the bundle, the contents of the bundle will remain unchanged.

func (*Bundle) Empty ¶

func (b *Bundle) Empty() bool

Empty returns true if the bundle has no X.509 x509Authorities.

func (*Bundle) GetX509BundleForTrustDomain ¶

func (b *Bundle) GetX509BundleForTrustDomain(trustDomain spiffeid.TrustDomain) (*Bundle, error)

GetX509BundleForTrustDomain returns the X.509 bundle for the given trust domain. It implements the Source interface. An error will be returned if the trust domain does not match that of the bundle.

func (*Bundle) HasX509Authority ¶

func (b *Bundle) HasX509Authority(x509Authority *x509.Certificate) bool

HasX509Authority checks if the given X.509 authority exists in the bundle.

func (*Bundle) Marshal ¶

func (b *Bundle) Marshal() ([]byte, error)

Marshal marshals the X.509 bundle into PEM-encoded certificate blocks.

func (*Bundle) RemoveX509Authority ¶

func (b *Bundle) RemoveX509Authority(x509Authority *x509.Certificate)

RemoveX509Authority removes an X.509 authority from the bundle.

func (*Bundle) SetX509Authorities ¶

func (b *Bundle) SetX509Authorities(x509Authorities []*x509.Certificate)

SetX509Authorities sets the X.509 authorities in the bundle.

func (*Bundle) TrustDomain ¶

func (b *Bundle) TrustDomain() spiffeid.TrustDomain

TrustDomain returns the trust domain that the bundle belongs to.

func (*Bundle) X509Authorities ¶

func (b *Bundle) X509Authorities() []*x509.Certificate

X509Authorities returns the X.509 x509Authorities in the bundle.

type Set ¶

type Set struct {
	// contains filtered or unexported fields
}

Set is a set of bundles, keyed by trust domain.

func NewSet ¶

func NewSet(bundles ...*Bundle) *Set

NewSet creates a new set initialized with the given bundles.

func (*Set) Add ¶

func (s *Set) Add(bundle *Bundle)

Add adds a new bundle into the set. If a bundle already exists for the trust domain, the existing bundle is replaced.

func (*Set) Bundles ¶

func (s *Set) Bundles() []*Bundle

Bundles returns the bundles in the set sorted by trust domain.

func (*Set) Get ¶

func (s *Set) Get(trustDomain spiffeid.TrustDomain) (*Bundle, bool)

Get returns a bundle for the given trust domain. If the bundle is in the set it is returned and the boolean is true. Otherwise, the returned value is nil and the boolean is false.

func (*Set) GetX509BundleForTrustDomain ¶

func (s *Set) GetX509BundleForTrustDomain(trustDomain spiffeid.TrustDomain) (*Bundle, error)

GetX509BundleForTrustDomain returns the X.509 bundle for the given trust domain. It implements the Source interface.

func (*Set) Has ¶

func (s *Set) Has(trustDomain spiffeid.TrustDomain) bool

Has returns true if there is a bundle for the given trust domain.

func (*Set) Len ¶

func (s *Set) Len() int

Len returns the number of bundles in the set.

func (*Set) Remove ¶

func (s *Set) Remove(trustDomain spiffeid.TrustDomain)

Remove removes the bundle for the given trust domain.

type Source ¶

type Source interface {
	// GetX509BundleForTrustDomain returns the X.509 bundle for the given trust
	// domain.
	GetX509BundleForTrustDomain(trustDomain spiffeid.TrustDomain) (*Bundle, error)
}

Source represents a source of X.509 bundles keyed by trust domain.

Source Files ¶

bundle.go set.go source.go

Version: v2.0.0-alpha.2
Published: Apr 23, 2020
Platform: js/wasm
Imports: 9 packages
Last checked: 15 hours ago –

Tools for package owners.

?	: This menu
/	: Search site
f	: Jump to identifier
g then g	: Go to top of page
g then b	: Go to end of page
G	: Go to end of page
g then i	: Go to index
g then e	: Go to examples