package spiffe

import "google.golang.org/grpc/internal/credentials/spiffe"

Package spiffe defines APIs for working with SPIFFE Bundle Maps.

All APIs in this package are experimental.

Index

Functions

func BundleMapFromBytes

func BundleMapFromBytes(bundleMapBytes []byte) (map[string]*spiffebundle.Bundle, error)

BundleMapFromBytes parses bytes into a SPIFFE Bundle Map. See the SPIFFE Bundle Map spec for more detail - https://github.com/spiffe/spiffe/blob/main/standards/SPIFFE_Trust_Domain_and_Bundle.md#4-spiffe-bundle-format If duplicate keys are encountered in the JSON parsing, Go's default unmarshal behavior occurs which causes the last processed entry to be the entry in the parsed map.

func GetRootsFromSPIFFEBundleMap

func GetRootsFromSPIFFEBundleMap(bundleMap map[string]*spiffebundle.Bundle, leafCert *x509.Certificate) (*x509.CertPool, error)

GetRootsFromSPIFFEBundleMap returns the root trust certificates from the SPIFFE bundle map for the given trust domain from the leaf certificate.

Source Files

spiffe.go

Version
v1.73.0 (latest)
Published
Jun 5, 2025
Platform
linux/amd64
Imports
5 packages
Last checked
2 hours ago

Tools for package owners.