- Sort Score
- Result 10 results
- Languages All
Results 1 - 8 of 8 for ExtractIDs (0.4 sec)
-
security/pkg/server/ca/authenticate/cert_authenticator.go
tlsInfo := peer.AuthInfo.(credentials.TLSInfo) chains := tlsInfo.State.VerifiedChains if len(chains) == 0 || len(chains[0]) == 0 { return nil, fmt.Errorf("no verified chain is found") } ids, err := util.ExtractIDs(chains[0][0].Extensions) if err != nil { return nil, err } return &security.Caller{ AuthSource: security.AuthSourceClientCertificate, Identities: ids, }, nil }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Jul 19 02:12:12 UTC 2022 - 3.1K bytes - Viewed (0) -
security/pkg/pki/util/san.go
// https://tools.ietf.org/html/rfc5280#section-4.2. return &ext } } return nil } // ExtractIDs first finds the SAN extension from the given extension set, then // extract identities from the SAN extension. func ExtractIDs(exts []pkix.Extension) ([]string, error) { sanExt := ExtractSANExtension(exts) if sanExt == nil { return nil, fmt.Errorf("the SAN extension does not exist")
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri Oct 14 06:50:22 UTC 2022 - 6K bytes - Viewed (0) -
security/pkg/pki/ra/common.go
csr, err := util.ParsePemEncodedCSR(csrPEM) if err != nil { return false } if err := csr.CheckSignature(); err != nil { return false } csrIDs, err := util.ExtractIDs(csr.Extensions) if err != nil { return false } for _, s1 := range csrIDs { if !slices.Contains(subjectIDs, s1) { return false } } return true }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Sep 11 19:57:30 UTC 2023 - 4.4K bytes - Viewed (0) -
security/pkg/pki/util/verify_cert.go
} } else { return fmt.Errorf("algorithms for private key and cert do not match") } } if strings.HasPrefix(host, "spiffe") { matchHost := false ids, err := ExtractIDs(cert.Extensions) if err != nil { return err } for _, id := range ids { if strings.HasSuffix(id, host) { matchHost = true break } } if !matchHost {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Sep 05 10:37:29 UTC 2022 - 5.9K bytes - Viewed (0) -
pkg/security/mock.go
tlsInfo := p.AuthInfo.(credentials.TLSInfo) chains := tlsInfo.State.VerifiedChains if len(chains) == 0 || len(chains[0]) == 0 { return fmt.Errorf("no verified chain is found") } ids, err := util.ExtractIDs(chains[0][0].Extensions) if err != nil { return fmt.Errorf("failed to extract IDs") } if !sets.New(ids...).Contains(expected) { return fmt.Errorf("expected identity %q, got %v", expected, ids) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue May 23 17:08:31 UTC 2023 - 4.5K bytes - Viewed (0) -
tests/fuzz/pki_fuzzer.go
for i := 0; i < noOfExtensions; i++ { newExtension := pkix.Extension{} err = f.GenerateStruct(&newExtension) if err != nil { return 0 } extensions = append(extensions, newExtension) } _, _ = util.ExtractIDs(extensions) return 1 } // FuzzPemCertBytestoString implements a fuzzer // that tests PemCertBytestoString func FuzzPemCertBytestoString(data []byte) int { _ = util.PemCertBytestoString(data) return 1 }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Jun 05 14:00:25 UTC 2023 - 5.2K bytes - Viewed (0) -
pkg/hbone/dialer.go
resp, err := d.transport.RoundTrip(r) if err != nil { return fmt.Errorf("round trip: %v", err) } var remoteID string if resp.TLS != nil && len(resp.TLS.PeerCertificates) > 0 { ids, _ := util.ExtractIDs(resp.TLS.PeerCertificates[0].Extensions) if len(ids) > 0 { remoteID = ids[0] } } if resp.StatusCode != http.StatusOK { return fmt.Errorf("round trip failed: %v", resp.Status) }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 24 15:56:41 UTC 2023 - 5.1K bytes - Viewed (0) -
security/pkg/pki/util/san_test.go
{Id: asn1.ObjectIdentifier{1, 2, 3, 4}}, *sanExt, {Id: asn1.ObjectIdentifier{3, 2, 1}}, }, expectedIDs: []string{id}, }, } for id, tc := range testCases { actualIDs, err := ExtractIDs(tc.exts) if !reflect.DeepEqual(actualIDs, tc.expectedIDs) { t.Errorf("Case %q: unexpected identities: want %v but got %v", id, tc.expectedIDs, actualIDs) } if tc.expectedErrMsg != "" { if err == nil {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Feb 12 17:36:33 UTC 2024 - 6.5K bytes - Viewed (0)