[VOL-1866] Changed module dependency to v12.0.0 of k8s client-go and v1.15.4 of k8s api/apimachinery in sync with other voltha components
Had to use pseudo-version corresponding to v12.0.0 of k8s client-go
because golang proxy is no longer serving the modules not complying
to Semantic Import Versioning rules including client-go v12.0.0.
Refer to https://github.com/kubernetes/client-go/issues/631 and
https://github.com/golang/go/issues/33558
Change-Id: I2e558bab7f0702f230761319eb5392a7d0532ea3
diff --git a/vendor/k8s.io/client-go/util/cert/cert.go b/vendor/k8s.io/client-go/util/cert/cert.go
index 3429c82..9fd097a 100644
--- a/vendor/k8s.io/client-go/util/cert/cert.go
+++ b/vendor/k8s.io/client-go/util/cert/cert.go
@@ -19,29 +19,23 @@
import (
"bytes"
"crypto"
- "crypto/ecdsa"
- "crypto/elliptic"
- "crypto/rand"
cryptorand "crypto/rand"
"crypto/rsa"
"crypto/x509"
"crypto/x509/pkix"
"encoding/pem"
- "errors"
"fmt"
"io/ioutil"
- "math"
"math/big"
"net"
"path"
"strings"
"time"
+
+ "k8s.io/client-go/util/keyutil"
)
-const (
- rsaKeySize = 2048
- duration365d = time.Hour * 24 * 365
-)
+const duration365d = time.Hour * 24 * 365
// Config contains the basic fields required for creating a certificate
type Config struct {
@@ -59,11 +53,6 @@
IPs []net.IP
}
-// NewPrivateKey creates an RSA private key
-func NewPrivateKey() (*rsa.PrivateKey, error) {
- return rsa.GenerateKey(cryptorand.Reader, rsaKeySize)
-}
-
// NewSelfSignedCACert creates a CA certificate
func NewSelfSignedCACert(cfg Config, key crypto.Signer) (*x509.Certificate, error) {
now := time.Now()
@@ -87,58 +76,6 @@
return x509.ParseCertificate(certDERBytes)
}
-// NewSignedCert creates a signed certificate using the given CA certificate and key
-func NewSignedCert(cfg Config, key crypto.Signer, caCert *x509.Certificate, caKey crypto.Signer) (*x509.Certificate, error) {
- serial, err := rand.Int(rand.Reader, new(big.Int).SetInt64(math.MaxInt64))
- if err != nil {
- return nil, err
- }
- if len(cfg.CommonName) == 0 {
- return nil, errors.New("must specify a CommonName")
- }
- if len(cfg.Usages) == 0 {
- return nil, errors.New("must specify at least one ExtKeyUsage")
- }
-
- certTmpl := x509.Certificate{
- Subject: pkix.Name{
- CommonName: cfg.CommonName,
- Organization: cfg.Organization,
- },
- DNSNames: cfg.AltNames.DNSNames,
- IPAddresses: cfg.AltNames.IPs,
- SerialNumber: serial,
- NotBefore: caCert.NotBefore,
- NotAfter: time.Now().Add(duration365d).UTC(),
- KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
- ExtKeyUsage: cfg.Usages,
- }
- certDERBytes, err := x509.CreateCertificate(cryptorand.Reader, &certTmpl, caCert, key.Public(), caKey)
- if err != nil {
- return nil, err
- }
- return x509.ParseCertificate(certDERBytes)
-}
-
-// MakeEllipticPrivateKeyPEM creates an ECDSA private key
-func MakeEllipticPrivateKeyPEM() ([]byte, error) {
- privateKey, err := ecdsa.GenerateKey(elliptic.P256(), cryptorand.Reader)
- if err != nil {
- return nil, err
- }
-
- derBytes, err := x509.MarshalECPrivateKey(privateKey)
- if err != nil {
- return nil, err
- }
-
- privateKeyPemBlock := &pem.Block{
- Type: ECPrivateKeyBlockType,
- Bytes: derBytes,
- }
- return pem.EncodeToMemory(privateKeyPemBlock), nil
-}
-
// GenerateSelfSignedCertKey creates a self-signed certificate and key for the given host.
// Host may be an IP or a DNS name
// You may also specify additional subject alt names (either ip or dns names) for the certificate.
@@ -244,7 +181,7 @@
// Generate key
keyBuffer := bytes.Buffer{}
- if err := pem.Encode(&keyBuffer, &pem.Block{Type: RSAPrivateKeyBlockType, Bytes: x509.MarshalPKCS1PrivateKey(priv)}); err != nil {
+ if err := pem.Encode(&keyBuffer, &pem.Block{Type: keyutil.RSAPrivateKeyBlockType, Bytes: x509.MarshalPKCS1PrivateKey(priv)}); err != nil {
return nil, nil, err
}