Back to

Package pkiutil

Latest Go to latest

The latest major version is .

Published: Jun 30, 2019 | License: Apache-2.0 | Module:


func AuthenticateWithASAP

func AuthenticateWithASAP(asap ASAP, audience, subject string) restclient.RequestMutation

SSAM API Documentation -

func DecodePKCS8PrivateKey

func DecodePKCS8PrivateKey(privateKey string) (crypto.PrivateKey, error)

func EncodePKCS8PrivateKey

func EncodePKCS8PrivateKey(privateKey crypto.PrivateKey, privateKeyID string) (string, error)

type ASAP

type ASAP interface {
	GenerateToken(audience string, subject string) ([]byte, error)
	GenerateTokenWithClaims(audience string, subject string, claims jws.Claims) ([]byte, error)
	KeyID() string
	KeyIssuer() string

func NewASAPClientConfigFromMicrosEnv

func NewASAPClientConfigFromMicrosEnv() (ASAP, error)

type ASAPClientConfig

type ASAPClientConfig struct {
	PrivateKey   crypto.PrivateKey
	PrivateKeyID string `validate:"required"`
	Issuer       string `validate:"required"`

func NewASAPClientConfig

func NewASAPClientConfig(keyID, issuer string, key crypto.PrivateKey) (*ASAPClientConfig, error)

func NewASAPClientConfigFromEncodedKey

func NewASAPClientConfigFromEncodedKey(keyID, issuer, encodedPrivateKey string) (*ASAPClientConfig, error)

NewASAPClientConfigFromEncodedKey is used when you have an encoded PKCS8 private key, encoded with dataurl e.g. `dataurl.New(marshalledPrivateKey, "application/pkcs8", "kid", keyID)`

func NewASAPClientConfigFromKubernetesSecret

func NewASAPClientConfigFromKubernetesSecret(secret *core_v1.Secret) (*ASAPClientConfig, error)

func (*ASAPClientConfig) GenerateToken

func (a *ASAPClientConfig) GenerateToken(audience string, subject string) ([]byte, error)

GenerateToken creates a token with an audience claim and a subject claim. If subject is not provided, it will not be part of the claim.

func (*ASAPClientConfig) GenerateTokenWithClaims

func (a *ASAPClientConfig) GenerateTokenWithClaims(audience string, subject string, claims jws.Claims) ([]byte, error)

func (*ASAPClientConfig) KeyID

func (a *ASAPClientConfig) KeyID() string

func (*ASAPClientConfig) KeyIssuer

func (a *ASAPClientConfig) KeyIssuer() string

func (*ASAPClientConfig) PublicKey

func (a *ASAPClientConfig) PublicKey() (crypto.PublicKey, error)

type MirroredPublicKeyProvider

type MirroredPublicKeyProvider struct {
	// contains filtered or unexported fields

func NewMirroredPublicKeyProvider

func NewMirroredPublicKeyProvider(logger *zap.Logger, primary, fallback keyprovider.PublicKeyProvider) *MirroredPublicKeyProvider

func (*MirroredPublicKeyProvider) GetPublicKey

func (m *MirroredPublicKeyProvider) GetPublicKey(keyID string) (crypto.PublicKey, error)

Package Files

Documentation was rendered with GOOS=linux and GOARCH=amd64.

Jump to identifier

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to identifier