simple

package
v0.5.12 Latest
Warning

This package is not in the latest version of its module.

Published: Jan 11, 2024 License: MIT Imports: 17 Imported by: 3

Documentation

Overview

Package simple provides a simple self-contained TLS Store

Constants

This section is empty.

Variables

var (
	// ErrNotImplemented is returned when something hasn't been implemented yet
	ErrNotImplemented = errors.New("not implemented")
)

Functions

func FindInMap

func FindInMap(name string, m map[string]*list.List, once bool) []*tls.Certificate

FindInMap attempts to find matching tls.Certificates on a MapList

func FindSupportedInMap

func FindSupportedInMap(chi *tls.ClientHelloInfo,
	name string, m map[string]*list.List) *tls.Certificate

FindSupportedInMap attempts to find a matching supported tls.Certificate on a MapList

func PairMatch added in v0.5.4

func PairMatch(cert *x509.Certificate, pk x509utils.PrivateKey) bool

PairMatch tells if the public key of a PrivateKey is the same as the one included in a *x509.Certificate

func PrivateKeyEqual added in v0.5.4

func PrivateKeyEqual(a, b x509utils.PrivateKey) bool

PrivateKeyEqual tells if two private keys are the same
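
The kind of check PairMatch and PrivateKeyEqual describe, as an added example built only on the Go standard library; it is not this package's implementation. The names keyPair, pairMatch, selfSigned and check are hypothetical, and the certificate is constructed in memory for the demonstration.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"fmt"
	"math/big"
	"time"
)

// keyPair is a hypothetical stand-in for x509utils.PrivateKey.
type keyPair interface {
	crypto.Signer
	Equal(x crypto.PrivateKey) bool
}

// pairMatch reports whether cert carries the public half of key.
func pairMatch(cert *x509.Certificate, key keyPair) bool {
	pub, ok := key.Public().(interface{ Equal(crypto.PublicKey) bool })
	return ok && cert != nil && pub.Equal(cert.PublicKey)
}

// selfSigned issues a constructed throwaway certificate signed by key.
func selfSigned(name string, key keyPair) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{name},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, key.Public(), key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// check pairs one certificate with its own key, another ECDSA key and an
// Ed25519 key, then compares the two ECDSA private keys with each other.
// Key generation errors are ignored for brevity in this constructed demo.
func check() (own, other, cross, sameKey bool, err error) {
	k1, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	k2, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	_, k3, _ := ed25519.GenerateKey(rand.Reader)
	cert, err := selfSigned("example.test", k1)
	return pairMatch(cert, k1), pairMatch(cert, k2), pairMatch(cert, k3), k1.Equal(k2), err
}

func main() { fmt.Println(check()) }
```

Only the key that signed the certificate request pairs with it; a key of the same algorithm or of a different algorithm is rejected without panicking on the type mismatch.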

Types

type Config

type Config struct {
	Base   x509utils.CertPooler
	Logger slog.Logger
}

Config is a custom factory for the Store allowing the usage of a Logger and a roots base different from what the system provides

func (*Config) New

func (c *Config) New(blocks ...string) (*Store, error)

New creates a Store using keys and certificates provided as files, directories, or direct PEM encoded content

type ErrInvalidCert added in v0.5.6

type ErrInvalidCert struct {
	Err    error
	Reason string
}

ErrInvalidCert indicates the certificate can't be used

func (ErrInvalidCert) Error added in v0.5.6

func (err ErrInvalidCert) Error() string

func (ErrInvalidCert) Unwrap added in v0.5.6

func (err ErrInvalidCert) Unwrap() error

type Getter

type Getter func(ctx context.Context,
	key x509utils.PrivateKey, name string) (*tls.Certificate, error)

A Getter is a helper to get a certificate for a name

type Store

type Store struct {
	// contains filtered or unexported fields
}

Store is a darvaza TLS Store that doesn't talk to any external service nor monitor for new files

func New

func New(blocks ...string) (*Store, error)

New creates a Store using a list of PEM blocks, filenames, or directories

func NewFromBuffer

func NewFromBuffer(pb *certpool.PoolBuffer, base x509utils.CertPooler) (*Store, error)

NewFromBuffer creates a Store from a given PoolBuffer

func (*Store) AddCACert added in v0.5.6

func (s *Store) AddCACert(cert *x509.Certificate) error

AddCACert adds a CA Certificate to the Store

func (*Store) AddCert added in v0.5.6

func (s *Store) AddCert(name string, cert *x509.Certificate) error

AddCert adds a Certificate to be paired with a key and bundled

func (*Store) AddKey added in v0.5.6

func (s *Store) AddKey(pk x509utils.PrivateKey) error

AddKey adds a private key to the store after attempting to validate it.

func (*Store) Delete

func (s *Store) Delete(_ context.Context, name string) error

Delete removes a certificate by name

func (*Store) DeleteCert

func (s *Store) DeleteCert(_ context.Context, cert *x509.Certificate) error

DeleteCert removes a certificate from the store

func (*Store) ForEach

func (s *Store) ForEach(ctx context.Context, f x509utils.StoreIterFunc) error

ForEach iterates over all stored certificates

func (*Store) Get

func (s *Store) Get(_ context.Context, name string) (*x509.Certificate, error)

Get gets from the Store a certificate matching the given name

func (*Store) GetCAPool

func (s *Store) GetCAPool() *x509.CertPool

GetCAPool returns a reference to the Certificates Pool

func (*Store) GetCertificate

func (s *Store) GetCertificate(chi *tls.ClientHelloInfo) (*tls.Certificate, error)

GetCertificate returns the TLS Certificate that should be used for a given TLS request

func (*Store) GetCertificateWithCallback

func (s *Store) GetCertificateWithCallback(chi *tls.ClientHelloInfo,
	getter Getter) (*tls.Certificate, error)

GetCertificateWithCallback returns the TLS Certificate that should be used for a given TLS request. If one isn't available it will use a callback to acquire one

func (*Store) HasKey added in v0.5.6

func (s *Store) HasKey(pk crypto.PrivateKey) bool

HasKey checks if the store contains the specified PrivateKey.

func (*Store) HasPublicKey added in v0.5.6

func (s *Store) HasPublicKey(pub crypto.PublicKey) bool

HasPublicKey checks if the store contains a PrivateKey matching the given PublicKey.

func (*Store) Keys added in v0.5.6

func (s *Store) Keys() []x509utils.PrivateKey

Keys returns a copy of the slice containing the stored private keys.

func (*Store) Put

func (s *Store) Put(_ context.Context, name string, cert *x509.Certificate) error

Put adds a Certificate to be paired with a key and bundled

func (*Store) SetLogger added in v0.5.6

func (s *Store) SetLogger(logger slog.Logger)

SetLogger attaches a logger to the Store
