kubernetes: k8s.io/kubernetes/cmd/kubeadm/app/util/pubkeypin Index | Files

package pubkeypin

import "k8s.io/kubernetes/cmd/kubeadm/app/util/pubkeypin"

Package pubkeypin provides primitives for x509 public key pinning in the style of RFC7469.


Package Files


func Hash Uses

func Hash(certificate *x509.Certificate) string

Hash calculates the SHA-256 hash of the Subject Public Key Information (SPKI) object in an x509 certificate (in DER encoding). It returns the full hash as a hex encoded string (suitable for passing to Set.Allow).

type Set Uses

type Set struct {
    // contains filtered or unexported fields

Set is a set of pinned x509 public keys.

func NewSet Uses

func NewSet() *Set

NewSet returns a new, empty PubKeyPinSet

func (*Set) Allow Uses

func (s *Set) Allow(pubKeyHashes ...string) error

Allow adds an allowed public key hash to the Set

func (*Set) CheckAny Uses

func (s *Set) CheckAny(certificates []*x509.Certificate) error

CheckAny checks if at least one certificate matches one of the public keys in the set

func (*Set) Empty Uses

func (s *Set) Empty() bool

Empty returns true if the Set contains no pinned public keys.

Package pubkeypin imports 5 packages (graph) and is imported by 16 packages. Updated 2019-05-20. Refresh now. Tools for package owners.