- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 12 for SubjectIDs (0.35 sec)
-
security/pkg/pki/ra/fuzz_test.go
// create subjectIDs subjectIDs := make([]string, 0) noOfEntries, err := ff.GetUint64() if err != nil { return } var i uint64 for i = 0; i < noOfEntries; i++ { newStr, err := ff.GetString() if err != nil { break } subjectIDs = append(subjectIDs, newStr) } // call ValidateCSR() ValidateCSR(csrPEM, subjectIDs) })
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Oct 12 14:51:41 UTC 2022 - 1.1K bytes - Viewed (0) -
security/pkg/pki/util/generate_cert_test.go
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Nov 06 12:48:53 UTC 2023 - 29.4K bytes - Viewed (0) -
security/pkg/pki/ra/common.go
func ValidateCSR(csrPEM []byte, subjectIDs []string) bool { csr, err := util.ParsePemEncodedCSR(csrPEM) if err != nil { return false } if err := csr.CheckSignature(); err != nil { return false } csrIDs, err := util.ExtractIDs(csr.Extensions) if err != nil { return false } for _, s1 := range csrIDs { if !slices.Contains(subjectIDs, s1) { return false } } return true }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Sep 11 19:57:30 UTC 2023 - 4.4K bytes - Viewed (0) -
security/pkg/pki/ca/ca.go
} var pkiCaLog = log.RegisterScope("pkica", "Citadel CA log") // caTypes is the enum for the CA type. type caTypes int type CertOpts struct { // SubjectIDs are used for building the SAN extension for the certificate. SubjectIDs []string // TTL is the requested lifetime (Time to live) to be applied in the certificate. TTL time.Duration // ForCA indicates whether the signed certificate if for CA.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Nov 30 19:33:26 UTC 2023 - 17.2K bytes - Viewed (0) -
security/pkg/nodeagent/caclient/providers/mock/mockcaclient.go
csr, err := util.ParsePemEncodedCSR(csrPEM) if err != nil { return nil, fmt.Errorf("csr sign error: %v", err) } subjectIDs := []string{"test"} certBytes, err := util.GenCertFromCSR(csr, signingCert, csr.PublicKey, *signingKey, subjectIDs, c.certLifetime, false) if err != nil { return nil, fmt.Errorf("csr sign error: %v", err) } block := &pem.Block{ Type: "CERTIFICATE",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 16 22:12:28 UTC 2024 - 3K bytes - Viewed (0) -
security/pkg/pki/util/generate_cert.go
func GenCertFromCSR(csr *x509.CertificateRequest, signingCert *x509.Certificate, publicKey any, signingKey crypto.PrivateKey, subjectIDs []string, ttl time.Duration, isCA bool, ) (cert []byte, err error) { tmpl, err := genCertTemplateFromCSR(csr, subjectIDs, ttl, isCA) if err != nil { return nil, err } return x509.CreateCertificate(rand.Reader, tmpl, signingCert, publicKey, signingKey) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Aug 02 14:34:38 UTC 2023 - 14.2K bytes - Viewed (0) -
security/pkg/nodeagent/test/mock/caserver.go
response := &pb.IstioCertificateResponse{ CertChain: respCertChain, } caServerLog.Info("send back CSR success response") return response, nil } func (s *CAServer) sign(csrPEM []byte, subjectIDs []string, _ time.Duration, forCA bool) ([]byte, error) { csr, err := util.ParsePemEncodedCSR(csrPEM) if err != nil { caServerLog.Errorf("failed to parse CSR: %+v", err)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 5.9K bytes - Viewed (0) -
security/pkg/pki/ca/mock/fakeca.go
ReceivedIDs []string } // Sign returns the SignErr if SignErr is not nil, otherwise, it returns SignedCert. func (ca *FakeCA) Sign(csr []byte, certOpts ca.CertOpts) ([]byte, error) { ca.ReceivedIDs = certOpts.SubjectIDs if ca.SignErr != nil { return nil, ca.SignErr } return ca.SignedCert, nil } // SignWithCertChain returns the SignErr if SignErr is not nil, otherwise, it returns SignedCert and the cert chain.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Dec 03 18:57:19 UTC 2021 - 2.1K bytes - Viewed (0) -
security/pkg/pki/ra/k8s_ra_test.go
} subjectID := spiffe.Identity{TrustDomain: "cluster.local", Namespace: "default", ServiceAccount: "bookinfo-productpage"}.String() certOptions := ca.CertOpts{ SubjectIDs: []string{subjectID}, TTL: 60 * time.Second, ForCA: false, CertSigner: "kube-apiserver-client", } _, err = ra.SignWithCertChain(csrPEM, certOptions)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Sep 27 00:44:54 UTC 2023 - 9.7K bytes - Viewed (0) -
security/pkg/pki/ca/ca_test.go
} csrPEM, privPEM, err := util.GenCSR(opts) if err != nil { t.Error(err) } caCertOpts := CertOpts{ SubjectIDs: []string{"localhost"}, TTL: time.Hour, ForCA: false, } certPEM, signErr := ca.signWithCertChain(csrPEM, caCertOpts.SubjectIDs, caCertOpts.TTL, true, caCertOpts.ForCA) if signErr != nil { t.Error(err) } cert, err := tls.X509KeyPair(certPEM, privPEM)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Oct 31 08:51:27 UTC 2023 - 29.1K bytes - Viewed (0)