# Functions
DecodeCertificate takes a byte slice, decodes it from the PEM format, converts it to an x509.Certificate object, and returns it.
DecodePrivateKey takes a byte slice, decodes it from the PEM format, converts it to an rsa.PrivateKey object, and returns it.
DecodeRSAPrivateKeyFromPKCS8 takes a byte slice, decodes it from the PKCS8 format, tries to convert it to an rsa.PrivateKey object, and returns it.
EncodeCertificate takes a certificate as a byte slice, encodes it to the PEM format, and returns it as a byte slice.
EncodePrivateKey takes an RSA private key object, encodes it to the PEM format, and returns it as a byte slice.
EncodePrivateKeyInPKCS8 takes an RSA private key object, encodes it to the PKCS8 format, and returns it as a byte slice.
GenerateCertificateAuthorities gets a map of wanted certificates and checks if they exist in the existingSecretsMap based on the keys in the map.
GenerateClusterSecrets tries to deploy each secret in the wantedSecretsList in the k8s cluster.
GenerateClusterSecretsWithFunc will try to deploy each secret in the wantedSecretsList in the k8s cluster.
GetUnmarshaller returns an Unmarshaller for the given typeName.
LoadCAFromSecret loads a CA certificate from an existing Kubernetes secret object.
LoadCertificate takes a byte slice representation of a certificate and the corresponding private key, and returns its de-serialized private key, certificate template and PEM certificate which can be used to sign other x509 certificates.
NewCertificateInfoData creates a new CertificateInfoData struct.
NewPrivateKeyInfoData creates a new PrivateKeyInfoData struct.
SelfGenerateTLSServerCertificate generates a new CA certificate and signs a server certificate with it.
UnmarshalCert unmarshals a CertificateJSONData into a CertificateInfoData.
UnmarshalPrivateKey unmarshals a PrivateKeyJSONData into a PrivateKeyInfoData.
# Constants
CACert indicates that the certificate should be a certificate authority.
CertificateDataType is the type used to denote a CertificateJSONData structure in the ShootState.
ClientCert indicates that the certificate should have the ExtKeyUsageClientAuth usage.
DataKeyCertificate is the key in a secret data holding the certificate.
DataKeyCertificateCA is the key in a secret data holding the CA certificate.
DataKeyPrivateKey is the key in a secret data holding the private key.
DataKeyPrivateKeyCA is the key in a secret data holding the CA private key.
DataKeyRSAPrivateKey is the key in a secret data holding the RSA private key.
DataKeySSHAuthorizedKeys is the key in a secret data holding the OpenSSH authorized keys.
PKCS1 certificate format.
PKCS8 certificate format.
PrivateKeyDataType is the type used to denote a PrivateKeyJSONData structure in the ShootState.
ServerCert indicates that the certificate should have the ExtKeyUsageServerAuth usage.
ServerClientCert indicates that the certificate should have both the ExtKeyUsageServerAuth and ExtKeyUsageClientAuth usage.
TemporaryDirectoryForSelfGeneratedTLSCertificatesPattern is a constant for the pattern used when creating a temporary directory for self-generated certificates.
# Variables
EmptyInfoData is an infodata which does not contain any information.
# Structs
Certificate contains the private key and the certificate.
CertificateInfoData holds a certificate's private key data and certificate data.
CertificateJSONData is the JSON representation of CertificateInfoData used to store Certificate metadata in the ShootState.
CertificateSecretConfig contains the specification of a to-be-generated CA, server, or client certificate.
PrivateKeyInfoData holds the data of a private key.
PrivateKeyJSONData is the JSON representation of PrivateKeyInfoData used to store the private key in the ShootState.
RSAKeys contains the private key, the public key, and optionally the OpenSSH-formatted authorized keys file data.
RSASecretConfig contains information about the number of bits which should be used for the to-be-created RSA private key.
Secrets represents a set of secrets that can be deployed and deleted.
# Interfaces
ConfigInterface defines functions needed for generating a specific secret.
DataInterface defines functions needed for defining the data map of a Kubernetes secret.
InfoData is an interface which allows.
Interface represents a set of secrets that can be deployed and deleted.
# Type aliases
TypeVersion is the potentially versioned type name of an InfoData representation.
Unmarshaller is a factory to create a dedicated InfoData object from a byte stream.