spiffetest

package
v1.7.3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 11, 2024 License: Apache-2.0, Apache-2.0 Imports: 37 Imported by: 0

README

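Note: These files were copied from github.com/spiffe/go-spiffe for the purpose
of testing the SPIFFE Workload API support. Most of the helpers below take a
testing.TB and build CAs, keys, and SVIDs for use inside tests; treat them as
test fixtures rather than as a way to issue credentials outside of tests.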

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CertsEqual

func CertsEqual(a, b []*x509.Certificate) bool

CertsEqual returns true if the slices of X.509 certificates are equal.

func ConcatRawCertsFromCerts

func ConcatRawCertsFromCerts(certs []*x509.Certificate) []byte

func CopyX509Authorities

func CopyX509Authorities(x509Authorities []*x509.Certificate) []*x509.Certificate

CopyX509Authorities copies a slice of X.509 certificates to a new slice.

func CreateCACertificate

func CreateCACertificate(tb testing.TB, parent *x509.Certificate, parentKey crypto.Signer, options ...CertificateOption) (*x509.Certificate, crypto.Signer)

func CreateCertificate

func CreateCertificate(tb testing.TB, tmpl, parent *x509.Certificate, pub, priv interface{}) *x509.Certificate

func CreateWebCredentials

func CreateWebCredentials(t testing.TB) (*x509.CertPool, *tls.Certificate)

func CreateX509Certificate

func CreateX509Certificate(tb testing.TB, parent *x509.Certificate, parentKey crypto.Signer, options ...CertificateOption) (*x509.Certificate, crypto.Signer)

func CreateX509SVID

func CreateX509SVID(tb testing.TB, parent *x509.Certificate, parentKey crypto.Signer, id spiffeid.ID, options ...CertificateOption) (*x509.Certificate, crypto.Signer)

func EncodeCertificates

func EncodeCertificates(certificates []*x509.Certificate) []byte

func EncodePKCS8PrivateKey

func EncodePKCS8PrivateKey(privateKey interface{}) ([]byte, error)

func NewCertPool

func NewCertPool(certs []*x509.Certificate) *x509.CertPool

NewCertPool returns a new CertPool containing the given X.509 certificates.

func NewEC256Key

func NewEC256Key(tb testing.TB) *ecdsa.PrivateKey

NewEC256Key returns an ECDSA private key over the P-256 curve.

func NewKeyID

func NewKeyID(tb testing.TB) string

NewKeyID returns a random ID useful for identifying keys.

func NewSerial

func NewSerial(tb testing.TB) *big.Int

func ParseCertificates

func ParseCertificates(certsBytes []byte) ([]*x509.Certificate, error)

func ParsePrivateKey

func ParsePrivateKey(keyBytes []byte) (crypto.PrivateKey, error)

func RawCertsFromCerts

func RawCertsFromCerts(certs []*x509.Certificate) [][]byte

Types

type CA

type CA struct {
	// contains filtered or unexported fields
}

func NewCA

func NewCA(tb testing.TB, td spiffeid.TrustDomain) *CA

func (*CA) Bundle

func (ca *CA) Bundle() *spiffebundle.Bundle

func (*CA) ChildCA

func (ca *CA) ChildCA(options ...CertificateOption) *CA

func (*CA) CreateJWTSVID

func (ca *CA) CreateJWTSVID(id spiffeid.ID, audience []string) *jwtsvid.SVID

func (*CA) CreateX509Certificate

func (ca *CA) CreateX509Certificate(options ...CertificateOption) ([]*x509.Certificate, crypto.Signer)

func (*CA) CreateX509SVID

func (ca *CA) CreateX509SVID(id spiffeid.ID, options ...CertificateOption) *x509svid.SVID

func (*CA) JWTAuthorities

func (ca *CA) JWTAuthorities() map[string]crypto.PublicKey

func (*CA) JWTBundle

func (ca *CA) JWTBundle() *jwtbundle.Bundle

func (*CA) X509Authorities

func (ca *CA) X509Authorities() []*x509.Certificate

func (*CA) X509Bundle

func (ca *CA) X509Bundle() *x509bundle.Bundle

type CertificateOption

type CertificateOption interface {
	// contains filtered or unexported methods
}

func WithIPAddresses

func WithIPAddresses(ips ...net.IP) CertificateOption

func WithKeyUsage

func WithKeyUsage(keyUsage x509.KeyUsage) CertificateOption

func WithLifetime

func WithLifetime(notBefore, notAfter time.Time) CertificateOption

func WithSerial

func WithSerial(serial *big.Int) CertificateOption

func WithSubject

func WithSubject(subject pkix.Name) CertificateOption

func WithURIs

func WithURIs(uris ...*url.URL) CertificateOption

type WorkloadAPI

type WorkloadAPI struct {
	// contains filtered or unexported fields
}

func New

func New(tb testing.TB) *WorkloadAPI

func (*WorkloadAPI) Addr

func (w *WorkloadAPI) Addr() string

func (*WorkloadAPI) SetJWTBundles

func (w *WorkloadAPI) SetJWTBundles(jwtBundles ...*jwtbundle.Bundle)

func (*WorkloadAPI) SetJWTSVIDResponse

func (w *WorkloadAPI) SetJWTSVIDResponse(r *workload.JWTSVIDResponse)

func (*WorkloadAPI) SetX509Bundles

func (w *WorkloadAPI) SetX509Bundles(x509Bundles ...*x509bundle.Bundle)

func (*WorkloadAPI) SetX509SVIDResponse

func (w *WorkloadAPI) SetX509SVIDResponse(r *X509SVIDResponse)

func (*WorkloadAPI) Stop

func (w *WorkloadAPI) Stop()

type X509SVIDResponse

type X509SVIDResponse struct {
	SVIDs            []*x509svid.SVID
	Bundle           *x509bundle.Bundle
	FederatedBundles []*x509bundle.Bundle
}

func (*X509SVIDResponse) ToProto
