▽

Package test

func CreateCACertificate ¶

func CreateCACertificate(tb testing.TB, parent *x509.Certificate, parentKey crypto.Signer, options ...CertificateOption) (*x509.Certificate, crypto.Signer)

func CreateCertificate ¶

func CreateCertificate(tb testing.TB, tmpl, parent *x509.Certificate, pub, priv interface{}) *x509.Certificate

func CreateX509Certificate ¶

func CreateX509Certificate(tb testing.TB, parent *x509.Certificate, parentKey crypto.Signer, options ...CertificateOption) (*x509.Certificate, crypto.Signer)

func CreateX509SVID ¶

func CreateX509SVID(tb testing.TB, parent *x509.Certificate, parentKey crypto.Signer, id spiffeid.ID, options ...CertificateOption) (*x509.Certificate, crypto.Signer)

func NewEC256Key ¶

func NewEC256Key(tb testing.TB) *ecdsa.PrivateKey

NewEC256Key returns an ECDSA key over the P256 curve

func NewKeyID ¶

func NewKeyID(tb testing.TB) string

NewKeyID returns a random id useful for identifying keys

func NewSerial ¶

func NewSerial(tb testing.TB) *big.Int

type CA ¶

type CA struct {
    // contains filtered or unexported fields
}

func NewCA ¶

func NewCA(tb testing.TB, td spiffeid.TrustDomain) *CA

func (*CA) Bundle ¶

func (ca *CA) Bundle() *spiffebundle.Bundle

func (*CA) ChildCA ¶

func (ca *CA) ChildCA(options ...CertificateOption) *CA

func (*CA) CreateX509Certificate ¶

func (ca *CA) CreateX509Certificate(options ...CertificateOption) ([]*x509.Certificate, crypto.Signer)

func (*CA) CreateX509SVID ¶

func (ca *CA) CreateX509SVID(id spiffeid.ID, options ...CertificateOption) *x509svid.SVID

func (*CA) CreateX509SVIDNoPrivateKey ¶

func (ca *CA) CreateX509SVIDNoPrivateKey(id spiffeid.ID, options ...CertificateOption) *x509svid.SVID

func (*CA) X509Authorities ¶

func (ca *CA) X509Authorities() []*x509.Certificate

func (*CA) X509Bundle ¶

func (ca *CA) X509Bundle() *x509bundle.Bundle

type CertificateOption ¶

type CertificateOption interface {
    // contains filtered or unexported methods
}

func WithKeyUsage ¶

func WithKeyUsage(keyUsage x509.KeyUsage) CertificateOption

func WithSerial ¶

func WithSerial(serial *big.Int) CertificateOption

func WithSubject ¶

func WithSubject(subject pkix.Name) CertificateOption

func WithURIs ¶

func WithURIs(uris ...*url.URL) CertificateOption

type WorkloadAPI ¶

type WorkloadAPI struct {
    // contains filtered or unexported fields
}

func NewWorkloadAPI ¶

func NewWorkloadAPI(tb testing.TB) *WorkloadAPI

func (*WorkloadAPI) Addr ¶

func (w *WorkloadAPI) Addr() string

func (*WorkloadAPI) SetX509SVIDResponse ¶

func (w *WorkloadAPI) SetX509SVIDResponse(r *X509SVIDResponse)

func (*WorkloadAPI) Stop ¶

func (w *WorkloadAPI) Stop()

type X509SVIDResponse ¶

type X509SVIDResponse struct {
    SVIDs            []*x509svid.SVID
    Bundle           *x509bundle.Bundle
    FederatedBundles []*x509bundle.Bundle
}

func (*X509SVIDResponse) ToProto ¶

func (r *X509SVIDResponse) ToProto(tb testing.TB) *workload.X509SVIDResponse