The tlsconfig package contains various methods of creating/updating TLS configuration with the ability to perform SPIFFE authentication over TLS.
There are 3 primitive helper functions:
GetCertificate: takes an x509svid.Source and implements the GetCertificate callback for server tls.Config
GetClientCertificate: takes an x509svid.Source and implements the GetClientCertificate callback for client tls.Config
VerifyPeerCertificate: takes an x509bundle.Source and an authorizer and implements the VerifyPeerCertificate callback for both client and server tls.Config.
Along with the primitive helpers, there are a slew of functions that set up a variety of TLS configurations using the above helpers. Most of the implementation can be borrowed from the existing v1 TLS peer implementation.
The v2-api branch has scaffolding for the implementations in config.go.
This issue depends on #55 and #62.