caserver

package
v0.6.2

This package is not in the latest version of its module.
Published: Jan 8, 2026 | License: Apache-2.0, Apache-2.0 | Imports: 13 | Imported by: 0

Documentation

Constants

const RequestBodySizeLimit = 8192

RequestBodySizeLimit is the maximum request body size.

Variables

This section is empty.

Functions

func New

func New(c *ca.CA, log *slog.Logger, httpClient *http.Client, certLogger CertLogger) http.Handler

New creates a new CA server handler, which must then be attached to an HTTP server, for example via `http.ListenAndServeTLS(...)`.

Types

type CertEvent added in v0.1.1

type CertEvent struct {
	Timestamp            time.Time
	SerialNumber         string
	Identity             string
	Principals           []string
	Connection           policy.Connection
	ValidAfter           time.Time
	ValidBefore          time.Time
	Extensions           map[string]string
	PublicKeyFingerprint string
	Policy               policy.Policy
}

CertEvent contains all information about a certificate issuance event.

type CertLogger added in v0.1.1

type CertLogger interface {
	LogCert(ctx context.Context, event *CertEvent) error
}

CertLogger logs certificate issuance events for audit, compliance, and analytics.

type CreateCertRequest

type CreateCertRequest struct {
	PublicKey  *sshcert.RawPublicKey `json:"publicKey,omitempty"`
	Connection *policy.Connection    `json:"connection,omitempty"`
}

CreateCertRequest asks for a signed cert. Both fields must be present for a certificate request, or both absent for a hello request.
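
As an added example (not code from this package), here is one way a handler can enforce the RequestBodySizeLimit cap and the both-present-or-both-absent rule for CreateCertRequest. The stand-in struct with raw-JSON fields and the `classify` and `classifyBody` helpers are assumptions; how the real server implements these checks is not shown on this page.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

const RequestBodySizeLimit = 8192 // value documented on this page

// createCertRequest is a stand-in for CreateCertRequest: the real field types
// are not shown on the page, so raw JSON is assumed here.
type createCertRequest struct {
	PublicKey  *json.RawMessage `json:"publicKey,omitempty"`
	Connection *json.RawMessage `json:"connection,omitempty"`
}

// classify caps the body, decodes it, and returns "hello" or "cert".
func classify(w http.ResponseWriter, r *http.Request) (string, error) {
	r.Body = http.MaxBytesReader(w, r.Body, RequestBodySizeLimit)
	var req createCertRequest
	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
		var tooBig *http.MaxBytesError
		if errors.As(err, &tooBig) {
			return "", fmt.Errorf("body exceeds %d bytes", tooBig.Limit)
		}
		return "", fmt.Errorf("malformed JSON: %w", err)
	}
	switch {
	case req.PublicKey == nil && req.Connection == nil:
		return "hello", nil
	case req.PublicKey != nil && req.Connection != nil:
		return "cert", nil
	}
	return "", errors.New("publicKey and connection must both be present or both absent")
}

// classifyBody runs classify against a constructed in-memory request.
func classifyBody(body string) (string, error) {
	r := httptest.NewRequest(http.MethodPost, "/", strings.NewReader(body))
	return classify(httptest.NewRecorder(), r)
}

func main() {
	fmt.Println(classifyBody(`{"publicKey":"k"}`)) // constructed half-filled request
}
```

Rejecting a request that carries only one of the two fields keeps a truncated or tampered certificate request from being silently treated as a hello.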

type CreateCertResponse

type CreateCertResponse struct {
	Certificate sshcert.RawCertificate `json:"certificate"`
	Policy      policy.Policy          `json:"policy"`
}

CreateCertResponse is the response to a CreateCert request.

type MultiCertLogger added in v0.1.1

type MultiCertLogger struct {
	// contains filtered or unexported fields
}

MultiCertLogger calls multiple CertLoggers in sequence. Best-effort: calls all loggers and collects errors, but doesn't stop on first error.

func NewMultiCertLogger added in v0.1.1

func NewMultiCertLogger(loggers ...CertLogger) *MultiCertLogger

NewMultiCertLogger creates a logger that calls multiple loggers.

func (*MultiCertLogger) LogCert added in v0.1.1

func (m *MultiCertLogger) LogCert(ctx context.Context, event *CertEvent) error

LogCert calls all loggers and returns a combined error if any fail.

type NoopCertLogger added in v0.1.1

type NoopCertLogger struct{}

NoopCertLogger is a logger that does nothing. Used when certificate logging is disabled.

func NewNoopCertLogger added in v0.1.1

func NewNoopCertLogger() *NoopCertLogger

NewNoopCertLogger creates a no-op logger.

func (*NoopCertLogger) LogCert added in v0.1.1

func (n *NoopCertLogger) LogCert(ctx context.Context, event *CertEvent) error

LogCert does nothing and always returns nil.

type SlogCertLogger added in v0.1.1

type SlogCertLogger struct {
	// contains filtered or unexported fields
}

SlogCertLogger logs certificate events using structured logging (slog). Works with any slog handler (text, JSON, CloudWatch, etc.).

func NewSlogCertLogger added in v0.1.1

func NewSlogCertLogger(logger *slog.Logger) *SlogCertLogger

NewSlogCertLogger creates a new certificate logger that emits structured logs.

func (*SlogCertLogger) LogCert added in v0.1.1

func (l *SlogCertLogger) LogCert(ctx context.Context, event *CertEvent) error

LogCert emits a structured log event with all certificate details.
