- Sort Score
- Result 10 results
- Languages All
Results 1 - 7 of 7 for certChainPem (0.26 sec)
-
security/pkg/pki/util/verify_cert_test.go
} ) func TestVerifyCert(t *testing.T) { testCases := map[string]struct { privPem []byte certChainPem []byte rootCertPem []byte expectedFields *VerifyFields expectedErr string }{ "Root cert bad": { privPem: nil, certChainPem: nil, rootCertPem: []byte(rootCertBad), expectedFields: verifyField1, expectedErr: "failed to parse root certificate",
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Aug 16 14:56:37 UTC 2022 - 6.5K bytes - Viewed (0) -
security/pkg/pki/util/verify_cert.go
func VerifyCertificate(privPem []byte, certChainPem []byte, rootCertPem []byte, expectedFields *VerifyFields) error { roots := x509.NewCertPool() if rootCertPem != nil { if ok := roots.AppendCertsFromPEM(rootCertPem); !ok { return fmt.Errorf("failed to parse root certificate") } } intermediates := x509.NewCertPool() if ok := intermediates.AppendCertsFromPEM(certChainPem); !ok {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Sep 05 10:37:29 UTC 2022 - 5.9K bytes - Viewed (0) -
tests/fuzz/pki_fuzzer.go
privPem, err := f.GetBytes() if err != nil { return 0 } certChainPem, err := f.GetBytes() if err != nil { return 0 } rootCertPem, err := f.GetBytes() if err != nil { return 0 } expectedFields := &util.VerifyFields{} err = f.GenerateStruct(expectedFields) if err != nil { return 0 } util.VerifyCertificate(privPem, certChainPem, rootCertPem, expectedFields) return 1 }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Jun 05 14:00:25 UTC 2023 - 5.2K bytes - Viewed (0) -
security/pkg/pki/ra/k8s_ra_test.go
}, } for _, tc := range cases { t.Run(tc.name, func(t *testing.T) { csrPEM := createFakeCsr(t) certChainPem, err := os.ReadFile(tc.certChain) if err != nil { t.Errorf("Failed to read sample %s", tc.certChain) } client := initFakeKubeClient(t, certChainPem) ra, err := createFakeK8sRA(client, "") if err != nil { t.Errorf("Failed to create Fake K8s RA") }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Sep 27 00:44:54 UTC 2023 - 9.7K bytes - Viewed (0) -
security/pkg/server/ca/server.go
} certChainExpiryTimestamp.Record(certChainExpiry) certChainPem, err := util.ParsePemEncodedCertificate(keyCertBundle.GetCertChainPem()) if err != nil { serverCaLog.Errorf("failed to parse the cert chain: %v", err) } certChainExpirySeconds.ValueFrom(func() float64 { return time.Until(certChainPem.NotAfter).Seconds() }) } // Register registers a GRPC server on the specified port.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 28 17:35:26 UTC 2024 - 8K bytes - Viewed (0) -
security/pkg/nodeagent/cache/secretcache.go
if len(trustBundlePEM) > 0 { rootCertPEM = concatCerts(trustBundlePEM) } else { // If CA Client has no explicit mechanism to retrieve CA root, infer it from the root of the certChain rootCertPEM = []byte(certChainPEM[len(certChainPEM)-1]) } return &security.SecretItem{ CertificateChain: certChain, PrivateKey: keyPEM, ResourceName: resourceName, CreatedTime: time.Now(),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 04 08:29:46 UTC 2024 - 28.2K bytes - Viewed (0) -
security/pkg/pki/ca/ca.go
return certPEM, privPEM, nil } func (ca *IstioCA) minTTL(defaultCertTTL time.Duration) (time.Duration, error) { certChainPem := ca.keyCertBundle.GetCertChainPem() if len(certChainPem) == 0 { return defaultCertTTL, nil } certChainExpiration, err := util.TimeBeforeCertExpires(certChainPem, time.Now()) if err != nil { return 0, fmt.Errorf("failed to get cert chain TTL %s", err.Error()) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Nov 30 19:33:26 UTC 2023 - 17.2K bytes - Viewed (0)