blob: db9dcde31f025b060754d7b5de6cfc74f9a0381e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
// Package spiffebundle provides SPIFFE bundle related functionality.
//
// A bundle represents a SPIFFE bundle, a collection authorities for
// authenticating SVIDs.
//
// You can create a new bundle for a specific trust domain:
//
// td := spiffeid.RequireTrustDomainFromString("example.org")
// bundle := spiffebundle.New(td)
//
// Or you can load it from disk:
//
// td := spiffeid.RequireTrustDomainFromString("example.org")
// bundle := spiffebundle.Load(td, "bundle.json")
//
// The bundle can be initialized with X.509 or JWT authorities:
//
// td := spiffeid.RequireTrustDomainFromString("example.org")
//
// var x509Authorities []*x509.Certificate = ...
// bundle := spiffebundle.FromX509Authorities(td, x509Authorities)
// // ... or ...
// var jwtAuthorities map[string]crypto.PublicKey = ...
// bundle := spiffebundle.FromJWTAuthorities(td, jwtAuthorities)
//
// In addition, you can add authorities to the bundle:
//
// var x509CA *x509.Certificate = ...
// bundle.AddX509Authority(x509CA)
// var keyID string = ...
// var publicKey crypto.PublicKey = ...
// bundle.AddJWTAuthority(keyID, publicKey)
//
// Bundles can be organized into a set, keyed by trust domain:
//
// set := spiffebundle.NewSet()
// set.Add(bundle)
//
// A Source is source of bundles for a trust domain. Both the
// Bundle and Set types implement Source:
//
// // Initialize the source from a bundle or set
// var source spiffebundle.Source = bundle
// // ... or ...
// var source spiffebundle.Source = set
//
// // Use the source to query for X.509 bundles by trust domain
// bundle, err := source.GetBundleForTrustDomain(td)
//
// Additionally the Bundle and Set types also implement the x509bundle.Source and jwtbundle.Source interfaces:
//
// // As an x509bundle.Source...
// var source x509bundle.Source = bundle // or set
// x509Bundle, err := source.GetX509BundleForTrustDomain(td)
//
// // As a jwtbundle.Source...
// var source jwtbundle.Source = bundle // or set
// jwtBundle, err := source.GetJWTBundleForTrustDomain(td)
package spiffebundle
|
