spiffe

package
v0.0.0-...-51eebe4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 12, 2023 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type SVIDDetails 

type SVIDDetails struct {
	PrivateKey    crypto.Signer
	Certificate   *x509.Certificate
	Intermediates []*x509.Certificate
}

SVIDDetails captures the Private Key, Root and Intermediate Certificate from the SVID provided by spire for the workload.

func GetSVID 

func GetSVID(ctx context.Context, client SVIDFetcher) (SVIDDetails, error)

GetSVID attempts to request an SVID from the provided SPIRE Workload API socket. If attestation succeeds and an SVID is acquired the resulting X509 key & certificate pair will be returned as well as any intermediate certificates needed to establish trust to trust domain's root.

func (SVIDDetails) InTotoKey 

func (s SVIDDetails) InTotoKey() (intoto.Key, error)

InTotoKey uses the private key and certificate obtained from Spire to initialize intoto.key to be used for signing.

type SVIDFetcher 

type SVIDFetcher interface {
	FetchX509Context(ctx context.Context) (*workloadapi.X509Context, error)
	Close() error
}

SVIDFetcher uses the context to connect to the spire and get the SVID associated with the workload.

func NewClient 

func NewClient(ctx context.Context, socketPath string) (SVIDFetcher, error)

NewClient takes the context and the provided spire agent socket path in order to initialize the workload API.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.