⚠️ VeridianOS Kernel Documentation - This is low-level kernel code. All functions are unsafe unless explicitly marked otherwise. no_std

IdentityProvider

veridian_kernel::services::mesh::identity

Struct IdentityProvider 

Source 
pub struct IdentityProvider { /* private fields */ }
Expand description

Service identity provider with self-signed CA stub.

Implementations§

Source§

impl IdentityProvider

Source

pub const DEFAULT_CERT_LIFETIME: u64 = 3_600u64

Default certificate lifetime: 3600 ticks (1 hour at 1 tick/sec).

Source

pub fn new(trust_domain: String) -> Self

Create a new identity provider.

Source

pub fn issue_identity( &mut self, spiffe_id: SpiffeId, current_tick: u64, ) -> Result<&ServiceIdentity, IdentityError>

Issue an identity for a service.

Source

pub fn verify_identity( &self, spiffe_uri: &str, current_tick: u64, ) -> Result<bool, IdentityError>

Verify an identity’s certificate is valid.

Source

pub fn rotate_certificate( &mut self, spiffe_uri: &str, current_tick: u64, ) -> Result<&ServiceIdentity, IdentityError>

Rotate a certificate (renew before expiry).

Source

pub fn get_identity(&self, spiffe_uri: &str) -> Option<&ServiceIdentity>

Get an identity by SPIFFE URI.

Source

pub fn list_identities(&self) -> Vec<&ServiceIdentity>

List all identities.

Source

pub fn ca_certificate(&self) -> &[u8]

Get the CA certificate.

Source

pub fn trust_domain(&self) -> &str

Get the trust domain.

Source

pub fn identity_count(&self) -> usize

Get the total number of issued identities.

Trait Implementations§

Source§

impl Debug for IdentityProvider

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for IdentityProvider

Source§

fn default() -> Self

Returns the “default value” for a type. Read more

Auto Trait Implementations§

§

impl Freeze for IdentityProvider

§

impl RefUnwindSafe for IdentityProvider

§

impl Send for IdentityProvider

§

impl Sync for IdentityProvider

§

impl Unpin for IdentityProvider

§

impl UnwindSafe for IdentityProvider

Blanket Implementations§

§

impl<T> Any for T
where T: 'static + ?Sized,

§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
§

impl<T> Borrow<T> for T
where T: ?Sized,

§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
§

impl<T> BorrowMut<T> for T
where T: ?Sized,

§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
§

impl<T> From<T> for T

§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T, U> Into<U> for T
where U: From<T>,

§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of [From]<T> for U chooses to do.

§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.