- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 12 for ParseCSR (0.2 sec)
-
pkg/apis/certificates/v1beta1/helpers.go
See the License for the specific language governing permissions and limitations under the License. */ package v1beta1 import ( "crypto/x509" "encoding/pem" "errors" ) // ParseCSR decodes a PEM encoded CSR func ParseCSR(pemBytes []byte) (*x509.CertificateRequest, error) { // extract PEM from request object block, _ := pem.Decode(pemBytes) if block == nil || block.Type != "CERTIFICATE REQUEST" {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Feb 27 10:17:55 UTC 2020 - 1K bytes - Viewed (0) -
pkg/apis/certificates/helpers.go
*/ package certificates import ( "crypto/x509" "encoding/pem" "errors" "fmt" "reflect" "strings" "k8s.io/apimachinery/pkg/util/sets" ) // ParseCSR extracts the CSR from the bytes and decodes it. func ParseCSR(pemBytes []byte) (*x509.CertificateRequest, error) { block, _ := pem.Decode(pemBytes) if block == nil || block.Type != "CERTIFICATE REQUEST" {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Dec 27 08:04:25 UTC 2022 - 4K bytes - Viewed (0) -
pkg/apis/certificates/v1/helpers.go
See the License for the specific language governing permissions and limitations under the License. */ package v1 import ( "crypto/x509" "encoding/pem" "errors" ) // ParseCSR decodes a PEM encoded CSR func ParseCSR(pemBytes []byte) (*x509.CertificateRequest, error) { // extract PEM from request object block, _ := pem.Decode(pemBytes) if block == nil || block.Type != "CERTIFICATE REQUEST" {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jun 05 04:47:24 UTC 2020 - 1K bytes - Viewed (0) -
pkg/apis/certificates/v1beta1/defaults.go
// by attempting to inspect the 'request' content and the spec options. func DefaultSignerNameFromSpec(obj *certificatesv1beta1.CertificateSigningRequestSpec) string { csr, err := ParseCSR(obj.Request) switch { case err != nil: // Set the signerName to 'legacy-unknown' as the CSR could not be // recognised. return certificatesv1beta1.LegacyUnknownSignerName
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Jan 18 15:37:57 UTC 2023 - 2.7K bytes - Viewed (0) -
pkg/controller/certificates/approver/sarapprove_test.go
capi.UsageDigitalSignature, capi.UsageClientAuth, }, } c(&b) t.Run(fmt.Sprintf("csr:%#v", b), func(t *testing.T) { csr := makeFancyTestCsr(b) x509cr, err := k8s_certificates_v1.ParseCSR(csr.Spec.Request) if err != nil { t.Errorf("unexpected err: %v", err) } if recognizeFunc(csr, x509cr) != shouldRecognize { t.Errorf("expected recognized to be %v", shouldRecognize) } })
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Aug 02 21:12:04 UTC 2022 - 7.7K bytes - Viewed (0) -
plugin/pkg/admission/certificates/subjectrestriction/admission.go
} if csr.Spec.SignerName != certificatesv1beta1.KubeAPIServerClientSignerName { return nil } csrParsed, err := certificatesapi.ParseCSR(csr.Spec.Request) if err != nil { return admission.NewForbidden(a, fmt.Errorf("failed to parse CSR: %v", err)) } for _, group := range csrParsed.Subject.Organization { if group == "system:masters" {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jun 05 22:45:34 UTC 2020 - 2.9K bytes - Viewed (0) -
pkg/controller/certificates/approver/sarapprove.go
if len(csr.Status.Certificate) != 0 { return nil } if approved, denied := certificates.GetCertApprovalCondition(&csr.Status); approved || denied { return nil } x509cr, err := capihelper.ParseCSR(csr.Spec.Request) if err != nil { return fmt.Errorf("unable to parse csr %q: %v", csr.Name, err) } tried := []string{} for _, r := range a.recognizers { if !r.recognize(csr, x509cr) { continue
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Jun 21 16:03:42 UTC 2023 - 5.3K bytes - Viewed (0) -
pkg/apis/certificates/v1beta1/defaults_test.go
) func TestIsKubeletServingCSR(t *testing.T) { newCSR := func(base pemOptions, overlays ...pemOptions) *x509.CertificateRequest { b := csrWithOpts(base, overlays...) csr, err := ParseCSR(b) if err != nil { t.Fatal(err) } return csr } tests := map[string]struct { req *x509.CertificateRequest usages []capi.KeyUsage exp bool }{ "defaults for kubelet-serving": {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Dec 27 08:04:25 UTC 2022 - 16.9K bytes - Viewed (0) -
pkg/controller/certificates/signer/signer.go
return nil } // Fast-path to avoid any additional processing if the CSRs signerName does not match if csr.Spec.SignerName != s.signerName { return nil } x509cr, err := capihelper.ParseCSR(csr.Spec.Request) if err != nil { return fmt.Errorf("unable to parse csr %q: %v", csr.Name, err) } if recognized, err := s.isRequestForSignerFn(x509cr, csr.Spec.Usages, csr.Spec.SignerName); err != nil {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Mar 15 03:26:08 UTC 2023 - 10.3K bytes - Viewed (0) -
cmd/kubelet/app/server_bootstrap_test.go
w.Write(data) csr = csr.DeepCopy() csr.ResourceVersion = "2" ca := &authority.CertificateAuthority{ Certificate: s.serverCA, PrivateKey: s.serverPrivateKey, } cr, err := capihelper.ParseCSR(csr.Spec.Request) if err != nil { t.Fatal(err) } der, err := ca.Sign(cr.Raw, authority.PermissiveSigningPolicy{ TTL: time.Hour, Backdate: s.backdate, }) if err != nil {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Feb 01 05:59:41 UTC 2022 - 10.5K bytes - Viewed (0)