- Sort Score
- Result 10 results
- Languages All
Results 1 - 8 of 8 for SubjectIDs (0.14 sec)
-
security/pkg/pki/ra/fuzz_test.go
// create subjectIDs subjectIDs := make([]string, 0) noOfEntries, err := ff.GetUint64() if err != nil { return } var i uint64 for i = 0; i < noOfEntries; i++ { newStr, err := ff.GetString() if err != nil { break } subjectIDs = append(subjectIDs, newStr) } // call ValidateCSR() ValidateCSR(csrPEM, subjectIDs) })
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Oct 12 14:51:41 UTC 2022 - 1.1K bytes - Viewed (0) -
security/pkg/pki/ra/common.go
func ValidateCSR(csrPEM []byte, subjectIDs []string) bool { csr, err := util.ParsePemEncodedCSR(csrPEM) if err != nil { return false } if err := csr.CheckSignature(); err != nil { return false } csrIDs, err := util.ExtractIDs(csr.Extensions) if err != nil { return false } for _, s1 := range csrIDs { if !slices.Contains(subjectIDs, s1) { return false } } return true }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Sep 11 19:57:30 UTC 2023 - 4.4K bytes - Viewed (0) -
security/pkg/nodeagent/caclient/providers/mock/mockcaclient.go
csr, err := util.ParsePemEncodedCSR(csrPEM) if err != nil { return nil, fmt.Errorf("csr sign error: %v", err) } subjectIDs := []string{"test"} certBytes, err := util.GenCertFromCSR(csr, signingCert, csr.PublicKey, *signingKey, subjectIDs, c.certLifetime, false) if err != nil { return nil, fmt.Errorf("csr sign error: %v", err) } block := &pem.Block{ Type: "CERTIFICATE",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 22:12:28 UTC 2024 - 3K bytes - Viewed (0) -
security/pkg/nodeagent/test/mock/caserver.go
response := &pb.IstioCertificateResponse{ CertChain: respCertChain, } caServerLog.Info("send back CSR success response") return response, nil } func (s *CAServer) sign(csrPEM []byte, subjectIDs []string, _ time.Duration, forCA bool) ([]byte, error) { csr, err := util.ParsePemEncodedCSR(csrPEM) if err != nil { caServerLog.Errorf("failed to parse CSR: %+v", err)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 5.9K bytes - Viewed (0) -
security/pkg/pki/ca/mock/fakeca.go
ReceivedIDs []string } // Sign returns the SignErr if SignErr is not nil, otherwise, it returns SignedCert. func (ca *FakeCA) Sign(csr []byte, certOpts ca.CertOpts) ([]byte, error) { ca.ReceivedIDs = certOpts.SubjectIDs if ca.SignErr != nil { return nil, ca.SignErr } return ca.SignedCert, nil } // SignWithCertChain returns the SignErr if SignErr is not nil, otherwise, it returns SignedCert and the cert chain.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Dec 03 18:57:19 UTC 2021 - 2.1K bytes - Viewed (0) -
security/pkg/pki/ra/k8s_ra_test.go
} subjectID := spiffe.Identity{TrustDomain: "cluster.local", Namespace: "default", ServiceAccount: "bookinfo-productpage"}.String() certOptions := ca.CertOpts{ SubjectIDs: []string{subjectID}, TTL: 60 * time.Second, ForCA: false, CertSigner: "kube-apiserver-client", } _, err = ra.SignWithCertChain(csrPEM, certOptions)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Sep 27 00:44:54 UTC 2023 - 9.7K bytes - Viewed (0) -
security/pkg/server/ca/server.go
certSigner := crMetadata[security.CertSigner].GetStringValue() _, _, certChainBytes, rootCertBytes := s.ca.GetCAKeyCertBundle().GetAll() certOpts := ca.CertOpts{ SubjectIDs: sans, TTL: time.Duration(request.ValidityDuration) * time.Second, ForCA: false, CertSigner: certSigner, } var signErr error var cert []byte var respCertChain []string
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 28 17:35:26 UTC 2024 - 8K bytes - Viewed (0) -
security/pkg/pki/ra/k8s_ra.go
} // Sign takes a PEM-encoded CSR and cert opts, and returns a certificate signed by k8s CA. func (r *KubernetesRA) Sign(csrPEM []byte, certOpts ca.CertOpts) ([]byte, error) { _, err := preSign(r.raOpts, csrPEM, certOpts.SubjectIDs, certOpts.TTL, certOpts.ForCA) if err != nil { return nil, err } certSigner := certOpts.CertSigner return r.kubernetesSign(csrPEM, r.raOpts.CaCertFile, certSigner, certOpts.TTL) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Aug 02 14:34:38 UTC 2023 - 7.2K bytes - Viewed (0)