package grpccredentials

import "github.com/spiffe/go-spiffe/v2/spiffegrpc/grpccredentials"

Index ¶

• func MTLSClientCredentials(svid x509svid.Source, bundle x509bundle.Source, authorizer tlsconfig.Authorizer, opts ...tlsconfig.Option) credentials.TransportCredentials
• func MTLSServerCredentials(svid x509svid.Source, bundle x509bundle.Source, authorizer tlsconfig.Authorizer, opts ...tlsconfig.Option) credentials.TransportCredentials
• func MTLSWebClientCredentials(svid x509svid.Source, roots *x509.CertPool, opts ...tlsconfig.Option) credentials.TransportCredentials
• func MTLSWebServerCredentials(cert *tls.Certificate, bundle x509bundle.Source, authorizer tlsconfig.Authorizer, opts ...tlsconfig.Option) credentials.TransportCredentials
• func PeerIDFromContext(ctx context.Context) (spiffeid.ID, bool)
• func PeerIDFromPeer(p *peer.Peer) (spiffeid.ID, bool)
• func TLSClientCredentials(bundle x509bundle.Source, authorizer tlsconfig.Authorizer, opts ...tlsconfig.Option) credentials.TransportCredentials
• func TLSServerCredentials(svid x509svid.Source, opts ...tlsconfig.Option) credentials.TransportCredentials

Functions ¶

func MTLSClientCredentials ¶

func MTLSClientCredentials(svid x509svid.Source, bundle x509bundle.Source, authorizer tlsconfig.Authorizer, opts ...tlsconfig.Option) credentials.TransportCredentials

MTLSClientCredentials returns TLS credentials which present an X509-SVID to the server and verifies and authorizes the server X509-SVID.

func MTLSServerCredentials ¶

func MTLSServerCredentials(svid x509svid.Source, bundle x509bundle.Source, authorizer tlsconfig.Authorizer, opts ...tlsconfig.Option) credentials.TransportCredentials

MTLSServerCredentials returns TLS credentials which present an X509-SVID to the client and requires, verifies, and authorizes client X509-SVIDs.

func MTLSWebClientCredentials ¶

func MTLSWebClientCredentials(svid x509svid.Source, roots *x509.CertPool, opts ...tlsconfig.Option) credentials.TransportCredentials

MTLSWebClientCredentials returns TLS credentials which present an X509-SVID to the server and verifies the server certificate using provided roots (or the system roots if nil).

func MTLSWebServerCredentials ¶

func MTLSWebServerCredentials(cert *tls.Certificate, bundle x509bundle.Source, authorizer tlsconfig.Authorizer, opts ...tlsconfig.Option) credentials.TransportCredentials

MTLSWebServerCredentials returns TLS credentials which present a web server certificate to the client and requires, verifies, and authorizes client X509-SVIDs.

func PeerIDFromContext ¶

func PeerIDFromContext(ctx context.Context) (spiffeid.ID, bool)

PeerIDFromContext returns the SPIFFE ID from the peer information on the context. If the peer does not have a SPIFFE ID, or the credentials for the connection were not provided by this package, the function returns false.

func PeerIDFromPeer ¶

func PeerIDFromPeer(p *peer.Peer) (spiffeid.ID, bool)

PeerIDFromPeer returns the SPIFFE ID for the peer information on the context. If the peer does not have a SPIFFE ID, or the credentials for the connection were not provided by this package, the function returns false.

func TLSClientCredentials ¶

func TLSClientCredentials(bundle x509bundle.Source, authorizer tlsconfig.Authorizer, opts ...tlsconfig.Option) credentials.TransportCredentials

TLSClientCredentials returns TLS credentials which verify and authorize the server X509-SVID.

func TLSServerCredentials ¶

func TLSServerCredentials(svid x509svid.Source, opts ...tlsconfig.Option) credentials.TransportCredentials

TLSServerCredentials returns TLS credentials which present an X509-SVID to the client and does not require or verify client certificates.

Source Files ¶

credentials.go