cacert-gosigner/docs/components.puml

71 lines
No EOL
2.7 KiB
Text

@startuml
!include <C4/C4_Component.puml>
!include <tupadr3/font-awesome/database>
LAYOUT_TOP_DOWN()
System_Ext(SignerClient, "Signer client", "Send commands to signer")
System_Boundary(Signer, "Signer server") {
Boundary(SignerSoftware, "Signer Software") {
Component(SerialHandler, "Serial link handler", "Go", "Reads and writes to the serial interface, parses and creates frames")
Component(ProtocolHandler, "Protocol handler", "Go", "Parses and creates protocol messages")
Component(X509SigningHandler, "X.509 signing", "Go", "Handles X.509 certificate signing commands")
Component(X509RevocationHandler, "X.509 revocation", "Go", "Handles X.509 certificate revocation commands")
Component(OpenPGPSigningHandler, "OpenPGP signing", "Go", Handles OpenPGP key signing commands")
Component(X509CRLHandler, "X.509 crl", "Go", "Handles X.509 CRL retrieval commands")
Component(HealthHandler, "Health check", "Go", "Handles health check commands")
Component(HSMAccess, "HSM access", "Go", "Handles HSM hardware access")
Component(SyncHandler, "Synchronization handler", "Go", "Handles synchronization with other signer")
ComponentDb(SignerDB, "Certificate repository", "Go, Embedded Key-Value DB", $sprite="database")
}
ContainerQueue(NATS, "NATS Service", "NATS")
}
System_Boundary(Signer2, "Other signer") {
Boundary(SignerSoftware2, "Signer Software") {
Component_Ext(SyncHandler2, "Synchronization handler", "Go", "Handles synchronization with other signer")
ComponentDb_Ext(SignerDB2, "Certificate repository", "Go, Embedded Key-Value DB", $sprite="database")
}
ContainerQueue_Ext(NATS2, "NATS Service", "NATS")
}
Component_Ext(HSM, "HSM", "PKCS#11", "Hardware security module")
Rel(SignerClient, SerialHandler, "Uses", "USB serial link")
Rel(SerialHandler, ProtocolHandler, "Uses")
Rel(ProtocolHandler, X509SigningHandler, "Uses")
Rel(ProtocolHandler, X509CRLHandler, "Uses")
Rel(ProtocolHandler, X509RevocationHandler, "Uses")
Rel(ProtocolHandler, OpenPGPSigningHandler, "Uses")
Rel(ProtocolHandler, HealthHandler, "Uses")
Rel(X509SigningHandler, HSMAccess, "Uses")
Rel(X509SigningHandler, SignerDB, "Writes")
Rel(X509RevocationHandler, SignerDB, "Writes")
Rel(X509CRLHandler, HSMAccess, "Uses")
Rel(X509CRLHandler, SignerDB, "Reads")
Rel(OpenPGPSigningHandler, HSMAccess, "Uses")
Rel(OpenPGPSigningHandler, SignerDB, "Writes")
Rel(HealthHandler, HSMAccess, "Checks")
Rel(HealthHandler, SignerDB, "Checks")
Rel(SyncHandler, SignerDB, "Uses")
BiRel(SyncHandler, NATS, "Synchronize", "NATS protocol")
BiRel(NATS, NATS2, "Synchronize", "NATS/TLS")
BiRel(SyncHandler2, NATS2, "Synchronize", "NATS protocol")
Rel(SyncHandler2, SignerDB2, "Uses")
Rel(HSMAccess, HSM, "Uses", "PKCS#11")
@enduml