keymanager

package

v1.0.2 Latest Latest Go to latest Published: May 18, 2023 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/accuknox/spire

Documentation ¶

Index ¶

type Key
type KeyManager
type KeyType
- func (keyType KeyType) GenerateSigner() (crypto.Signer, error)
- func (keyType KeyType) String() string
type Repository
type SVIDKeyManager
- func ForSVID(km KeyManager) SVIDKeyManager
type V1

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Key ¶

type Key interface {
	crypto.Signer

	// ID returns the ID of the key in the KeyManager.
	ID() string
}

Key is a KeyManager-backed key

type KeyManager ¶

type KeyManager interface {
	catalog.PluginInfo

	// GenerateKey generates a key with the given ID and key type. If a key
	// with that ID already exists, it is overwritten.
	GenerateKey(ctx context.Context, id string, keyType KeyType) (Key, error)

	// GetKey returns the key with the given ID. If a key with that ID does
	// not exist, a status of codes.NotFound is returned.
	GetKey(ctx context.Context, id string) (Key, error)

	// GetKeys returns all keys managed by the KeyManager.
	GetKeys(ctx context.Context) ([]Key, error)
}

KeyManager provides either a single or multi-key key manager

type KeyType ¶

type KeyType int

KeyType represents the types of keys that are supported by the KeyManager.

const (
	KeyTypeUnset KeyType = iota
	ECP256
	ECP384
	RSA2048
	RSA4096
)

func (KeyType) GenerateSigner ¶

func (keyType KeyType) GenerateSigner() (crypto.Signer, error)

GenerateSigner generates a new key for the given key type

func (KeyType) String ¶

func (keyType KeyType) String() string

String returns the string representation of the key type

type Repository ¶

type Repository struct {
	KeyManager KeyManager
}

func (*Repository) Clear ¶

func (repo *Repository) Clear()

func (*Repository) GetKeyManager ¶

func (repo *Repository) GetKeyManager() KeyManager

func (*Repository) SetKeyManager ¶

func (repo *Repository) SetKeyManager(keyManager KeyManager)

type SVIDKeyManager ¶

type SVIDKeyManager interface {
	// GenerateKey generates a new key. The current key is passed, if available
	// so the key manager can determine which which "slot" to occupy (i.e.
	// which key ID to use for the new key).
	GenerateKey(ctx context.Context, currentKey Key) (Key, error)

	// GetKeys returns all keys managed by the KeyManager.
	GetKeys(ctx context.Context) ([]Key, error)
}

SVIDKeyManager is a wrapper around the key manager specifically used for managing the agent SVID.

func ForSVID ¶

func ForSVID(km KeyManager) SVIDKeyManager

Returns an SVIDKeyManager over the given KeyManager

type V1 ¶

type V1 struct {
	plugin.Facade

	keymanagerv1.KeyManagerPluginClient
}

func (V1) GenerateKey ¶

func (v1 V1) GenerateKey(ctx context.Context, id string, keyType KeyType) (Key, error)

func (V1) GetKey ¶

func (v1 V1) GetKey(ctx context.Context, id string) (Key, error)

func (V1) GetKeys ¶

func (v1 V1) GetKeys(ctx context.Context) ([]Key, error)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
base
disk
memory
test

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL