Documentation

Overview

    Package universal implements a signer that can do remote or local

    Index

    Constants

    This section is empty.

    Variables

    This section is empty.

    Functions

    func NewSigner

    func NewSigner(root Root, policy *config.Signing) (signer.Signer, error)

      NewSigner generates a new certificate signer from a Root structure. This is one of two standard signers: local or remote. If the root structure specifies a force remote, then a remote signer is created, otherwise either a remote or local signer is generated based on the policy. For a local signer, the CertFile and KeyFile need to be defined in Root.

      func PrependLocalSignerToList

      func PrependLocalSignerToList(signer localSignerCheck)

        PrependLocalSignerToList prepends signer to the local signer's list

        Types

        type Root

        type Root struct {
        	Config      map[string]string
        	ForceRemote bool
        }

          Root is used to define where the universal signer gets its public certificate and private keys for signing.

          type Signer

          type Signer struct {
          	// contains filtered or unexported fields
          }

            Signer represents a universal signer which is both local and remote to fulfill the signer.Signer interface.

            func (*Signer) GetDBAccessor

            func (s *Signer) GetDBAccessor() certdb.Accessor

              GetDBAccessor returns the signer's cert db accessor.

              func (*Signer) Info

              func (s *Signer) Info(req info.Req) (resp *info.Resp, err error)

                Info sends an info request to the remote or local CFSSL server receiving an Resp struct or an error in response.

                func (*Signer) Policy

                func (s *Signer) Policy() *config.Signing

                  Policy returns the signer's policy.

                  func (*Signer) SetDBAccessor

                  func (s *Signer) SetDBAccessor(dba certdb.Accessor)

                    SetDBAccessor sets the signer's cert db accessor.

                    func (*Signer) SetPolicy

                    func (s *Signer) SetPolicy(policy *config.Signing)

                      SetPolicy sets the signer's signature policy.

                      func (*Signer) SetReqModifier

                      func (s *Signer) SetReqModifier(mod func(*http.Request, []byte))

                        SetReqModifier sets the function to call to modify the HTTP request prior to sending it

                        func (*Signer) SigAlgo

                        func (s *Signer) SigAlgo() x509.SignatureAlgorithm

                          SigAlgo returns the RSA signer's signature algorithm.

                          func (*Signer) Sign

                          func (s *Signer) Sign(req signer.SignRequest) (cert []byte, err error)

                            Sign sends a signature request to either the remote or local signer, receiving a signed certificate or an error in response.

                            Source Files