Documentation ¶
Index ¶
- Constants
- Variables
- func AWSIoTMetadataKey(connectorID string) string
- func AWSIoTSource(id string) string
- func DurationToString(d time.Duration) string
- func ParseDuration(s string) (time.Duration, error)
- type APIServiceInfo
- type AWSIoTPolicy
- type AWSIoTRegistrationMode
- type AlertLatestEvent
- type AuthOptionsClientCertificate
- type BindIdentityToDeviceOutput
- type CAAttachedToDevice
- type CACertificate
- type CACertificatesStats
- type CADistributionSettings
- type CAMetadataMonitoringExpirationDeltas
- type CAStats
- type Certificate
- type CertificateStatus
- type CertificateType
- type CertificatesStats
- type Channel
- type ChannelType
- type ConditionType
- type CryptoEngineInfo
- type CryptoEngineProvider
- type CryptoEngineSL
- type CryptoEngineType
- type CryptoSecretType
- type DMS
- type DMSSettings
- type DMSStats
- type DMSStatus
- type Device
- type DeviceAWSMetadata
- type DeviceEvent
- type DeviceEventType
- type DeviceProvisionProfile
- type DeviceStatus
- type DevicesStats
- type DigitalTwinActionTracker
- type DigitalTwinIdentityState
- type DigitalTwinRemediationActionState
- type ESTAuthMode
- type ESTClientAuthOptionsMutualTLS
- type ESTServerAuthOptionJWT
- type ESTServerAuthOptionPSK
- type ESTServerAuthOptionsClientCertificate
- type EmailConfig
- type EnrollReenrollEvent
- type EnrollmentOptionsESTRFC7030
- type EnrollmentProto
- type EnrollmentSettings
- type EventType
- type Expiration
- type ExpirationTimeRef
- type IoTAWSCAMetadata
- type IotAWSDMSMetadata
- type IssuerCAMetadata
- type KeyMetadata
- type KeyStrength
- type KeyStrengthMetadata
- type KeyType
- type LamassuConfiguration
- type MSTeamsChannelConfig
- type MonitoringExpirationDelta
- type ReEnrollmentSettings
- type RegistrationMode
- type RemediateTracker
- type RemediationActionType
- type RevocationReason
- type SignMessageType
- type Slot
- type SlotStatus
- type Subject
- type Subscription
- type SubscriptionCondition
- type SupportedKeyTypeInfo
- type TimeDuration
- type UpdateModel
- type WebhookChannelConfig
- type X509Certificate
- func (X509Certificate) GormDataType() string
- func (c *X509Certificate) MarshalJSON() ([]byte, error)
- func (c *X509Certificate) Scan(value interface{}) error
- func (c *X509Certificate) String() string
- func (c *X509Certificate) UnmarshalJSON(data []byte) error
- func (c X509Certificate) Value() (driver.Value, error)
- type X509CertificateRequest
Constants ¶
// Untyped string keys whose values repeat their own names.
// NOTE(review): judging by the names these select the key size and key type
// for EST server-side key generation; where they are read (header, query
// parameter, metadata) is not shown here — confirm, and validate the supplied
// values against an allow-list of key types and sizes at that point.
const (
	ESTServerKeyGenBitSize = "ESTServerKeyGenBitSize"
	ESTServerKeyGenKeyType = "ESTServerKeyGenKeyType"
)
// Untyped string constants naming AWS IoT registration modes.
// NOTE(review): these are untyped, so the compiler does not tie them to the
// AWSIoTRegistrationMode type declared in this package; presumably they are
// its valid values — confirm.
const (
	NoneAWSIoTRegistrationMode      = "none"
	JitpAWSIoTRegistrationMode      = "jitp"
	AutomaticAWSIoTRegistrationMode = "auto"
)
// AlertsSource is the "lrn://" source identifier string for the alerts service.
const AlertsSource = "lrn://service/lamassuiot-alerts"
const (
	// CAAttachedToDeviceKey is the key "lamassu.io/ca/attached-to".
	// NOTE(review): presumably a metadata-map key whose value has the
	// CAAttachedToDevice shape — confirm against the code that writes it.
	CAAttachedToDeviceKey = "lamassu.io/ca/attached-to"
)
const (
	// CAMetadataMonitoringExpirationDeltasKey is the key
	// "lamassu.io/ca/expiration-deltas".
	// NOTE(review): presumably the CA metadata key under which a
	// CAMetadataMonitoringExpirationDeltas value is stored — confirm.
	CAMetadataMonitoringExpirationDeltasKey = "lamassu.io/ca/expiration-deltas"
)
// CASource is the "lrn://" source identifier string for the CA service.
const CASource = "lrn://service/lamassuiot-ca"
// ContextSourceKey is the key "_lms/event-source-id".
// NOTE(review): presumably the context key under which the originating
// source identifier is stored — confirm against callers. If the stored value
// originates from a request header, it is caller-controlled.
const ContextSourceKey = "_lms/event-source-id"
// DMSManagerSource is the "lrn://" source identifier string for the DMS
// manager; note that the identifier ends in "lamassuiot-ra".
const DMSManagerSource = "lrn://service/lamassuiot-ra"
// DeviceManagerSource is the "lrn://" source identifier string for the device
// manager service.
const DeviceManagerSource = "lrn://service/lamassuiot-devmanager"
// HttpSourceHeader is the HTTP header name "x-lms-source".
// NOTE(review): presumably carries one of the *Source identifiers between
// services. A request header is set by whoever sends the request, so its
// value is suitable for audit/tracing labels but should not drive
// authorization unless a trusted hop sets or verifies it — confirm how the
// header is consumed.
const HttpSourceHeader = "x-lms-source"
// VASource is the "lrn://" source identifier string for the VA service.
const VASource = "lrn://service/lamassuiot-va"
Variables ¶
// RevocationReasonMap maps an integer revocation reason code to its name.
//
// The codes and names line up with the CRLReason enumeration of RFC 5280
// section 5.3.1. Value 7 is unused in that enumeration, which is why the map
// has no entry for it; a lookup of 7 (or of any other absent code) yields the
// empty string, so callers should use the two-value form to reject unknown
// codes instead of emitting an empty reason.
//
// This is a package-level variable, so any importer can mutate it; treat it
// as read-only.
var RevocationReasonMap = map[int]string{
	0: "Unspecified",
	1: "KeyCompromise",
	2: "CACompromise",
	3: "AffiliationChanged",
	4: "Superseded",
	5: "CessationOfOperation",
	// In RFC 5280, certificateHold is the one reason that marks a temporary
	// suspension rather than a permanent revocation.
	6: "CertificateHold",
	// In RFC 5280, removeFromCRL only appears in delta CRLs.
	8:  "RemoveFromCRL",
	9:  "PrivilegeWithdrawn",
	10: "AACompromise",
}
Functions ¶
func AWSIoTMetadataKey ¶
func AWSIoTSource ¶
func DurationToString ¶
DurationToString returns a string representing the duration in the form "1w4d2h3m5s". Units with a value of 0 are omitted; for example, "1d1ms" is 1 day and 1 millisecond.
func ParseDuration ¶
ParseDuration parses a duration string. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h", "d", "w", "y".
Types ¶
type APIServiceInfo ¶
type AWSIoTPolicy ¶
type AWSIoTRegistrationMode ¶
// AWSIoTRegistrationMode is a string-backed type for the AWS IoT registration
// mode. The type itself does not restrict which strings are valid, so values
// decoded from JSON need explicit validation.
type AWSIoTRegistrationMode string
type AlertLatestEvent ¶
type BindIdentityToDeviceOutput ¶
// BindIdentityToDeviceOutput bundles pointers to a Certificate, a DMS and a
// Device. Nothing in this declaration guarantees any of them is non-nil.
type BindIdentityToDeviceOutput struct {
	Certificate *Certificate `json:"certificate"`
	DMS         *DMS         `json:"dms"`
	Device      *Device      `json:"device"`
}
type CAAttachedToDevice ¶
type CACertificate ¶
// CACertificate embeds Certificate and adds CA-specific fields.
//
// Metadata and Type are declared both here and on the embedded Certificate.
// Go's selector rules and encoding/json both prefer the shallower field, so
// ca.Metadata / ca.Type and the "metadata" / "type" JSON keys refer to the
// fields declared here; the embedded ones are reachable only as
// ca.Certificate.Metadata and ca.Certificate.Type.
type CACertificate struct {
	Certificate
	// ID is the GORM primary key.
	ID string `json:"id" gorm:"primaryKey"`
	// Metadata is free-form and stored through GORM's JSON serializer.
	Metadata map[string]interface{} `json:"metadata" gorm:"serializer:json"`
	// NOTE(review): presumably the expiration applied to certificates this CA
	// issues — confirm.
	IssuanceExpirationRef Expiration      `json:"issuance_expiration" gorm:"serializer:json"`
	Type                  CertificateType `json:"type"`
	CreationTS            time.Time       `json:"creation_ts"`
	// NOTE(review): presumably the depth of this CA in its hierarchy — confirm.
	Level int `json:"level"`
}
type CACertificatesStats ¶
// CACertificatesStats holds aggregate counts about CA certificates: a total,
// a count per string key ("engine_distribution") and a count per
// CertificateStatus ("status_distribution").
type CACertificatesStats struct {
	TotalCAs                 int                       `json:"total"`
	CAsDistributionPerEngine map[string]int            `json:"engine_distribution"`
	CAsStatus                map[CertificateStatus]int `json:"status_distribution"`
}
type CADistributionSettings ¶
type CAMetadataMonitoringExpirationDeltas ¶
// CAMetadataMonitoringExpirationDeltas is a slice of MonitoringExpirationDelta.
type CAMetadataMonitoringExpirationDeltas []MonitoringExpirationDelta
type CAStats ¶
// CAStats combines CA-certificate statistics ("cas") with certificate
// statistics ("certificates").
type CAStats struct {
	CACertificatesStats CACertificatesStats `json:"cas"`
	CertificatesStats   CertificatesStats   `json:"certificates"`
}
type Certificate ¶
// Certificate is the persisted and JSON-exposed record for one certificate.
// Every field carries a json tag, so the whole record (including Metadata) is
// emitted when the value is marshalled.
type Certificate struct {
	// SerialNumber is the GORM primary key.
	SerialNumber string `json:"serial_number" gorm:"primaryKey"`
	// Metadata is free-form and stored through GORM's JSON serializer.
	// NOTE(review): because it is returned under "metadata", it is not a place
	// for secrets — confirm what writers put here.
	Metadata         map[string]interface{} `json:"metadata" gorm:"serializer:json"`
	IssuerCAMetadata IssuerCAMetadata       `json:"issuer_metadata" gorm:"embedded;embeddedPrefix:issuer_meta_"`
	Status           CertificateStatus      `json:"status"`
	// Certificate is a pointer and may be nil as far as this declaration shows.
	Certificate *X509Certificate    `json:"certificate"`
	KeyMetadata KeyStrengthMetadata `json:"key_metadata" gorm:"embedded;embeddedPrefix:key_strength_meta_"`
	Subject     Subject             `json:"subject" gorm:"embedded;embeddedPrefix:subject_"`
	ValidFrom   time.Time           `json:"valid_from"`
	ValidTo     time.Time           `json:"valid_to"`
	// RevocationTimestamp is a plain time.Time, not a pointer, so a
	// certificate that was never revoked carries the zero time here; check
	// Status rather than this field to decide whether it is revoked.
	RevocationTimestamp time.Time `json:"revocation_timestamp"`
	// RevocationReason is an int-backed type whose zero value is 0.
	RevocationReason RevocationReason `json:"revocation_reason"`
	Type             CertificateType  `json:"type"`
	EngineID         string           `json:"engine_id"`
}
type CertificateStatus ¶
// CertificateStatus is the string-backed status of a certificate. The type
// does not restrict its values; only the three constants below are declared.
type CertificateStatus string

const (
	StatusActive  CertificateStatus = "ACTIVE"
	StatusExpired CertificateStatus = "EXPIRED"
	StatusRevoked CertificateStatus = "REVOKED"
)
type CertificateType ¶
// CertificateType is a string-backed classification of a certificate.
type CertificateType string

const (
	CertificateTypeManaged CertificateType = "MANAGED"
	// The constant is named ImportedWithKey but its wire value is "IMPORTED".
	CertificateTypeImportedWithKey CertificateType = "IMPORTED"
	// NOTE(review): presumably a certificate whose private key is not held by
	// this system — confirm.
	CertificateTypeExternal CertificateType = "EXTERNAL"
)
type CertificatesStats ¶
// CertificatesStats holds aggregate counts about certificates: a total, a
// count per string key ("ca_distribution") and a count per CertificateStatus
// ("status_distribution").
type CertificatesStats struct {
	TotalCertificates            int                       `json:"total"`
	CertificateDistributionPerCA map[string]int            `json:"ca_distribution"`
	CertificateStatus            map[CertificateStatus]int `json:"status_distribution"`
}
type Channel ¶
// Channel describes a notification channel by type and name plus an untyped
// configuration value.
type Channel struct {
	Type ChannelType `json:"type"`
	Name string      `json:"name"`
	// Config is declared as any, so this struct does not enforce its shape.
	// NOTE(review): presumably EmailConfig, MSTeamsChannelConfig or
	// WebhookChannelConfig depending on Type — confirm, and validate the
	// decoded value against Type before using it.
	Config any `json:"config" gorm:"serializer:json"`
}
type ChannelType ¶
// ChannelType is the string-backed kind of a notification Channel.
type ChannelType string

const (
	ChannelTypeEmail   ChannelType = "EMAIL"
	ChannelTypeMSTeams ChannelType = "MSTEAMS"
	ChannelTypeWebhook ChannelType = "WEBHOOK"
)
type ConditionType ¶
// ConditionType is the string-backed kind of a SubscriptionCondition.
type ConditionType string

const (
	JSONSchema ConditionType = "JSON-SCHEMA"
	JSONPath   ConditionType = "JSON-PATH"
)
type CryptoEngineInfo ¶
// CryptoEngineInfo describes a crypto engine: its type, security level,
// provider and name, free-form metadata, and the key types it supports.
type CryptoEngineInfo struct {
	Type          CryptoEngineType `json:"type"`
	SecurityLevel CryptoEngineSL   `json:"security_level"`
	Provider      string           `json:"provider"`
	Name          string           `json:"name"`
	// Metadata is free-form and is emitted under "metadata".
	// NOTE(review): confirm that engine credentials never end up in this map.
	Metadata          map[string]any         `json:"metadata"`
	SupportedKeyTypes []SupportedKeyTypeInfo `json:"supported_key_types"`
}
type CryptoEngineProvider ¶
// CryptoEngineProvider embeds CryptoEngineInfo and adds an identifier and a
// flag marking the default engine.
type CryptoEngineProvider struct {
	CryptoEngineInfo
	ID      string `json:"id"`
	Default bool   `json:"default"`
}
type CryptoEngineSL ¶
// CryptoEngineSL is the int-backed security level of a crypto engine.
// NOTE(review): what each level guarantees is not documented on this page.
// The zero value equals SL0, so an unset field is indistinguishable from an
// explicit SL0.
type CryptoEngineSL int

const (
	SL0 CryptoEngineSL = 0
	SL1 CryptoEngineSL = 1
	SL2 CryptoEngineSL = 2
)
type CryptoEngineType ¶
// CryptoEngineType is the string-backed identifier of a crypto engine
// implementation.
type CryptoEngineType string

const (
	PKCS11            CryptoEngineType = "PKCS11"
	AzureKeyVault     CryptoEngineType = "AZURE_KEY_VAULT"
	Golang            CryptoEngineType = "GOLANG"
	VaultKV2          CryptoEngineType = "HASHICORP_VAULT_KV_V2"
	AWSKMS            CryptoEngineType = "AWS_KMS"
	AWSSecretsManager CryptoEngineType = "AWS_SECRETS_MANAGER"
)
type CryptoSecretType ¶
// CryptoSecretType is the string-backed kind of secret held in a Slot.
type CryptoSecretType string

const (
	TokenSlotProfile CryptoSecretType = "TOKEN"
	// The wire value is lowercase "x509" while the other values are
	// uppercase; string comparison is case-sensitive, so "X509" will not match.
	X509SlotProfileType   CryptoSecretType = "x509"
	SshKeySlotProfileType CryptoSecretType = "SSH_KEY"
	OtherSlotProfileType  CryptoSecretType = "OTHER"
)
type DMSSettings ¶
// DMSSettings groups a DMS's enrollment, re-enrollment and CA distribution
// settings.
type DMSSettings struct {
	EnrollmentSettings     EnrollmentSettings     `json:"enrollment_settings"`
	ReEnrollmentSettings   ReEnrollmentSettings   `json:"reenrollment_settings"`
	CADistributionSettings CADistributionSettings `json:"ca_distribution_settings"`
}
type Device ¶
// Device is the persisted and JSON-exposed record for one device.
type Device struct {
	// ID is the GORM primary key.
	ID                string       `json:"id" gorm:"primaryKey"`
	Tags              []string     `json:"tags" gorm:"serializer:json"`
	Status            DeviceStatus `json:"status"`
	Icon              string       `json:"icon"`
	IconColor         string       `json:"icon_color"`
	CreationTimestamp time.Time    `json:"creation_timestamp"`
	// Metadata is free-form and is emitted under "metadata".
	Metadata map[string]any `json:"metadata" gorm:"serializer:json"`
	// NOTE(review): presumably the ID of the DMS that owns the device — confirm.
	DMSOwner string `json:"dms_owner"`
	// IdentitySlot is omitted from JSON when nil. Its secrets are strings.
	// NOTE(review): presumably certificate serial numbers — confirm.
	IdentitySlot *Slot[string] `json:"identity,omitempty" gorm:"serializer:json"`
	// ExtraSlots maps a string key to a slot whose secrets are of type any.
	// The slot's Secrets map is emitted under "versions" whenever a Device is
	// marshalled.
	// NOTE(review): confirm no raw secret material is stored there.
	ExtraSlots map[string]*Slot[any] `json:"slots" gorm:"serializer:json"`
	// Events is keyed by time.Time, so two events with an identical timestamp
	// cannot both be kept.
	Events map[time.Time]DeviceEvent `json:"events" gorm:"serializer:json"`
}
type DeviceAWSMetadata ¶
// DeviceAWSMetadata records whether a thing is registered ("thing_registered")
// together with a list of remediation actions.
type DeviceAWSMetadata struct {
	Registered bool                    `json:"thing_registered"`
	Actions    []RemediationActionType `json:"actions"`
}
type DeviceEvent ¶
// DeviceEvent is one entry in a device's or slot's event history.
type DeviceEvent struct {
	// EvenType is spelled this way in the Go API (sic); on the wire the field
	// is "type".
	EvenType DeviceEventType `json:"type"`
	// EventDescriptions is free text emitted under "description".
	// NOTE(review): if a UI renders it, it should be escaped there — confirm
	// which writers can influence this text.
	EventDescriptions string `json:"description"`
}
type DeviceEventType ¶
// DeviceEventType is the string-backed kind of a DeviceEvent.
type DeviceEventType string

const (
	DeviceEventTypeCreated       DeviceEventType = "CREATED"
	DeviceEventTypeProvisioned   DeviceEventType = "PROVISIONED"
	DeviceEventTypeReProvisioned DeviceEventType = "RE-PROVISIONED"
	DeviceEventTypeRenewed       DeviceEventType = "RENEWED"
	DeviceEventTypeShadowUpdated DeviceEventType = "SHADOW-UPDATED"
	DeviceEventTypeStatusUpdated DeviceEventType = "STATUS-UPDATED"
	// The constant is named StatusDecommissioned but its wire value is
	// "DECOMMISSIONED".
	DeviceEventTypeStatusDecommissioned DeviceEventType = "DECOMMISSIONED"
)
type DeviceProvisionProfile ¶
type DeviceStatus ¶
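// DeviceStatus is the string-backed lifecycle status of a device.
//
// The listing had the whole const block on a single line, so the first "//"
// comment swallowed every constant after DeviceRenewalWindow. The block is
// laid out one constant per line here, with each comment attached to the
// constant it describes.
type DeviceStatus string

const (
	DeviceNoIdentity DeviceStatus = "NO_IDENTITY"
	DeviceActive     DeviceStatus = "ACTIVE"
	// DeviceRenewalWindow: a slot should be re-enrolled.
	DeviceRenewalWindow DeviceStatus = "RENEWAL_PENDING"
	// DeviceAboutToExpire: a slot has a critical certificate and should be
	// re-enrolled.
	DeviceAboutToExpire  DeviceStatus = "EXPIRING_SOON"
	DeviceExpired        DeviceStatus = "EXPIRED"
	DeviceRevoked        DeviceStatus = "REVOKED"
	DeviceDecommissioned DeviceStatus = "DECOMMISSIONED"
)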
type DevicesStats ¶
// DevicesStats holds the total number of devices and a count per DeviceStatus.
type DevicesStats struct {
	TotalDevices  int                  `json:"total"`
	DevicesStatus map[DeviceStatus]int `json:"status_distribution"`
}
type DigitalTwinIdentityState ¶
// DigitalTwinIdentityState maps each remediation action type to a pointer to
// its tracker; a missing key and a nil pointer are both possible as far as
// this declaration shows.
type DigitalTwinIdentityState map[RemediationActionType]*DigitalTwinActionTracker
type DigitalTwinRemediationActionState ¶
// DigitalTwinRemediationActionState pairs a remediation action ("action")
// with a LamassuConfiguration ("lamassu_instance").
type DigitalTwinRemediationActionState struct {
	RemediationType RemediationActionType `json:"action"`
	LamassuInstance LamassuConfiguration  `json:"lamassu_instance"`
}
type ESTAuthMode ¶
// ESTAuthMode is the string-backed authentication mode for EST enrollment.
type ESTAuthMode string

const (
	// NOTE(review): the name and value indicate enrollment without client
	// authentication. How the server treats this mode is not shown here —
	// confirm it is only selectable where another control (network
	// restriction, pre-registration) gates who can enroll.
	ESTAuthModeNoAuth            ESTAuthMode = "NO_AUTH"
	ESTAuthModeClientCertificate ESTAuthMode = "CLIENT_CERTIFICATE"
)
type ESTClientAuthOptionsMutualTLS ¶
// ESTClientAuthOptionsMutualTLS holds the client certificate and its private
// key for mutual-TLS authentication.
//
// The fields carry no json tags, so encoding/json would marshal both exported
// fields under their Go names if a value of this type were ever encoded; keep
// values of this type out of logs and API payloads.
type ESTClientAuthOptionsMutualTLS struct {
	Certificate *X509Certificate
	// PrivateKey is untyped (interface{}); the accepted concrete key types
	// are not shown on this page.
	PrivateKey interface{}
}
type ESTServerAuthOptionJWT ¶
// ESTServerAuthOptionJWT is declared with no fields.
// NOTE(review): presumably a placeholder for JWT-based EST authentication
// that carries no configuration yet — confirm.
type ESTServerAuthOptionJWT struct {
}
type ESTServerAuthOptionPSK ¶
// ESTServerAuthOptionPSK is declared with no fields.
// NOTE(review): presumably a placeholder for pre-shared-key EST
// authentication that carries no configuration yet — confirm.
type ESTServerAuthOptionPSK struct {
}
type ESTServerAuthOptionsClientCertificate ¶
// ESTServerAuthOptionsClientCertificate carries the client certificate for
// certificate-based EST authentication. The field uses the standard
// library's x509.Certificate directly, not this package's X509Certificate.
type ESTServerAuthOptionsClientCertificate struct {
	// ClientCertificate is a pointer and may be nil as far as this
	// declaration shows.
	// NOTE(review): whether the chain has already been verified when this
	// value is populated is not shown here — confirm before trusting it.
	ClientCertificate *x509.Certificate
}
type EmailConfig ¶
// EmailConfig is the configuration of an e-mail channel: a single address
// emitted under "email". The declaration does not validate the address.
type EmailConfig struct {
	Email string `json:"email"`
}
type EnrollReenrollEvent ¶
// EnrollReenrollEvent is the payload of an enroll or re-enroll event: the
// certificate plus a string emitted under "aps".
type EnrollReenrollEvent struct {
	Certificate *X509Certificate `json:"certificate"`
	// NOTE(review): APS is not explained on this page — confirm its meaning.
	APS string `json:"aps"`
}
type EnrollmentOptionsESTRFC7030 ¶
// EnrollmentOptionsESTRFC7030 holds the EST settings of a DMS: the
// authentication mode and the client-certificate options.
type EnrollmentOptionsESTRFC7030 struct {
	AuthMode ESTAuthMode `json:"auth_mode"`
	// AuthOptionsMTLS is a value, not a pointer, so it is always present in
	// the JSON under "client_certificate_settings" regardless of AuthMode.
	AuthOptionsMTLS AuthOptionsClientCertificate `json:"client_certificate_settings"`
}
type EnrollmentSettings ¶
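// EnrollmentSettings holds the enrollment configuration of a DMS.
//
// The listing had the struct on a single line, so the "//" comment on
// EnableReplaceableEnrollment swallowed the RegistrationMode field and the
// closing brace. The struct is laid out one field per line here.
type EnrollmentSettings struct {
	EnrollmentProtocol          EnrollmentProto             `json:"protocol"`
	EnrollmentOptionsESTRFC7030 EnrollmentOptionsESTRFC7030 `json:"est_rfc7030_settings"`
	DeviceProvisionProfile      DeviceProvisionProfile      `json:"device_provisioning_profile"`
	// NOTE(review): presumably the ID of the CA that signs enrollment
	// certificates — confirm.
	EnrollmentCA string `json:"enrollment_ca"`
	// EnableReplaceableEnrollment is a switch-like option that enables
	// enrolling already enrolled devices.
	// NOTE(review): with this on, a second enrollment for an existing device
	// ID is accepted, so the enrollment authentication is what prevents a
	// device identity from being taken over — confirm it defaults to false.
	EnableReplaceableEnrollment bool             `json:"enable_replaceable_enrollment"`
	RegistrationMode            RegistrationMode `json:"registration_mode"`
}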
type EventType ¶
// EventType is the string-backed name of an event. Values are dot-separated
// and begin with the area they belong to (ca, certificate, dms, device).
type EventType string

const (
	EventCreateCAKey         EventType = "ca.create"
	EventImportCAKey         EventType = "ca.import"
	EventUpdateCAStatusKey   EventType = "ca.update.status"
	EventUpdateCAMetadataKey EventType = "ca.update.metadata"
	EventSignCertificateKey  EventType = "ca.sign.certificate"
	EventSignatureSignKey    EventType = "ca.sign.signature"
	EventDeleteCAKey         EventType = "ca.delete"

	EventCreateCertificateKey         EventType = "certificate.create"
	EventImportCertificateKey         EventType = "certificate.import"
	EventUpdateCertificateStatusKey   EventType = "certificate.update.status"
	EventUpdateCertificateMetadataKey EventType = "certificate.update.metadata"

	EventCreateDMSKey          EventType = "dms.create"
	EventUpdateDMSMetadataKey  EventType = "dms.update.metadata"
	EventEnrollKey             EventType = "dms.enroll"
	EventReEnrollKey           EventType = "dms.reenroll"
	EventBindDeviceIdentityKey EventType = "dms.bind-device-id"

	EventCreateDeviceKey         EventType = "device.create"
	EventUpdateDeviceIDSlotKey   EventType = "device.update.identity"
	EventUpdateDeviceStatusKey   EventType = "device.update.status"
	EventUpdateDeviceMetadataKey EventType = "device.update.metadata"
)
type Expiration ¶
// Expiration expresses an expiry either as a duration or as a point in time.
// Both Duration and Time are pointers omitted from JSON when nil; the
// declaration does not enforce that the one matching Type is set, so callers
// should nil-check before dereferencing.
type Expiration struct {
	Type     ExpirationTimeRef `json:"type"`
	Duration *TimeDuration     `json:"duration,omitempty"`
	Time     *time.Time        `json:"time,omitempty"`
}
type ExpirationTimeRef ¶
// ExpirationTimeRef is the string-backed discriminator of an Expiration.
type ExpirationTimeRef string

// Duration and Time are declared with var, not const, so any importer can
// reassign them; treat them as read-only.
var (
	Duration ExpirationTimeRef = "Duration"
	Time     ExpirationTimeRef = "Time"
)
type IoTAWSCAMetadata ¶
type IotAWSDMSMetadata ¶
// IotAWSDMSMetadata is the AWS IoT configuration attached to a DMS.
type IotAWSDMSMetadata struct {
	RegistrationMode AWSIoTRegistrationMode `json:"registration_mode"`
	GroupNames       []string               `json:"groups,omitempty"`
	Policies         []AWSIoTPolicy         `json:"policies,omitempty"`
	// JITPProvisioningTemplate is an anonymous struct value. encoding/json's
	// omitempty never omits struct values, so "jitp_config" is always emitted.
	JITPProvisioningTemplate struct {
		ARN                string `json:"arn,omitempty"`
		AWSCACertificateId string `json:"aws_ca_id,omitempty"`
		// ProvisioningRoleArn has no omitempty and is emitted even when empty.
		// NOTE(review): presumably the IAM role used for provisioning — confirm
		// that it is scoped to the minimum permissions the template needs.
		ProvisioningRoleArn string `json:"provisioning_role_arn"`
		EnableTemplate      bool   `json:"enable_template"`
	} `json:"jitp_config,omitempty"`
	// ShadowConfig is likewise a struct value, so "shadow_config" is always
	// emitted despite omitempty.
	ShadowConfig struct {
		Enable     bool   `json:"enable"`
		ShadowName string `json:"shadow_name,omitempty"`
	} `json:"shadow_config,omitempty"`
}
type IssuerCAMetadata ¶
type KeyMetadata ¶
type KeyStrength ¶
// KeyStrength is a string-backed coarse rating of a key.
// NOTE(review): the thresholds that map a key type and size to HIGH, MEDIUM
// or LOW are not shown on this page — confirm them before relying on the
// rating for policy decisions.
type KeyStrength string

const (
	KeyStrengthHigh   KeyStrength = "HIGH"
	KeyStrengthMedium KeyStrength = "MEDIUM"
	KeyStrengthLow    KeyStrength = "LOW"
)
type KeyStrengthMetadata ¶
// KeyStrengthMetadata records a key's type, size in bits and strength rating.
type KeyStrengthMetadata struct {
	Type     KeyType     `json:"type"`
	Bits     int         `json:"bits"`
	Strength KeyStrength `json:"strength"`
}
type KeyType ¶
// KeyType is a defined type over the standard library's
// x509.PublicKeyAlgorithm. As a defined type it does not inherit that type's
// methods; this page lists MarshalJSON and UnmarshalJSON declared on KeyType.
type KeyType x509.PublicKeyAlgorithm
func (KeyType) MarshalJSON ¶
func (*KeyType) UnmarshalJSON ¶
type LamassuConfiguration ¶
type MSTeamsChannelConfig ¶
// MSTeamsChannelConfig is the configuration of a Microsoft Teams channel: a
// single webhook URL emitted under "webhook_url".
type MSTeamsChannelConfig struct {
	// NOTE(review): an incoming-webhook URL usually acts as a bearer
	// credential, so it should be treated as a secret when logging or
	// returning subscriptions. It is also a destination the service will
	// send requests to — confirm that the sender restricts scheme and host.
	WebhookURL string `json:"webhook_url"`
}
type MonitoringExpirationDelta ¶
// MonitoringExpirationDelta is one named expiration threshold together with
// a flag recording whether it has been triggered.
type MonitoringExpirationDelta struct {
	Delta     TimeDuration `json:"delta"`
	Name      string       `json:"name"`
	Triggered bool         `json:"triggered"`
}
type ReEnrollmentSettings ¶
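// ReEnrollmentSettings holds the re-enrollment configuration of a DMS.
//
// The listing had the struct on a single line, so the "//" comment on
// PreventiveReEnrollmentDelta swallowed the CriticalReEnrollmentDelta field
// and the closing brace. The struct is laid out one field per line here.
type ReEnrollmentSettings struct {
	// NOTE(review): presumably IDs of extra CAs whose certificates are
	// accepted when validating a re-enrolling client. Each entry widens the
	// set of trusted issuers — confirm and keep the list minimal.
	AdditionalValidationCAs []string     `json:"additional_validation_cas"`
	ReEnrollmentDelta       TimeDuration `json:"reenrollment_delta"`
	// NOTE(review): presumably allows renewal with an already expired
	// certificate. That extends the useful life of an expired credential —
	// confirm it defaults to false and that revoked certificates stay
	// rejected.
	EnableExpiredRenewal bool `json:"enable_expired_renewal"`
	// PreventiveReEnrollmentDelta: once (expiration time - delta < time.now),
	// an event is issued to notify that it is time to re-enroll.
	PreventiveReEnrollmentDelta TimeDuration `json:"preventive_delta"`
	// CriticalReEnrollmentDelta: once (expiration time - delta < time.now),
	// an event is issued to notify critical status.
	CriticalReEnrollmentDelta TimeDuration `json:"critical_delta"`
}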
type RegistrationMode ¶
// RegistrationMode is the string-backed device registration mode used in
// EnrollmentSettings. It is a separate type from AWSIoTRegistrationMode.
type RegistrationMode string

const (
	// NOTE(review): presumably "just in time" registration, where a device
	// record is created at first enrollment rather than beforehand — confirm.
	// If so, enrollment authentication is the only gate on which device IDs
	// come into existence.
	JITP            RegistrationMode = "JITP"
	PreRegistration RegistrationMode = "PRE_REGISTRATION"
)
type RemediateTracker ¶
// RemediateTracker holds the active per-action state and a list of historical
// action trackers. The fields carry no json tags, so encoding/json would use
// the Go field names.
type RemediateTracker struct {
	ActiveDigitalTwinIdentityState DigitalTwinIdentityState
	Historical                     []*DigitalTwinActionTracker
}
type RemediationActionType ¶
// RemediationActionType is the string-backed kind of a remediation action.
type RemediationActionType string

const (
	RemediationActionUpdateTrustAnchorList RemediationActionType = "UPDATE_TRUST_ANCHOR_LIST"
	RemediationActionUpdateCertificate     RemediationActionType = "UPDATE_CERTIFICATE"
)
type RevocationReason ¶
// RevocationReason is an int-backed revocation reason code. Its zero value is
// 0, so an unset field cannot be told apart from an explicit 0.
// NOTE(review): presumably the codes are those keyed in RevocationReasonMap —
// confirm in the String/UnmarshalText implementations, including what they do
// with a code that has no map entry.
type RevocationReason int
func (RevocationReason) MarshalJSON ¶
func (c RevocationReason) MarshalJSON() ([]byte, error)
func (RevocationReason) MarshalText ¶
func (p RevocationReason) MarshalText() ([]byte, error)
func (RevocationReason) String ¶
func (c RevocationReason) String() string
func (*RevocationReason) UnmarshalJSON ¶
func (c *RevocationReason) UnmarshalJSON(data []byte) error
func (*RevocationReason) UnmarshalText ¶
func (p *RevocationReason) UnmarshalText(text []byte) (err error)
type SignMessageType ¶
// SignMessageType is the string-backed kind of message passed to a signing
// operation.
// NOTE(review): presumably Raw means the signer hashes the input and Hashed
// means the input is already a digest — confirm. Choosing the wrong one makes
// the signature cover a different value than the verifier expects.
type SignMessageType string

const (
	Raw    SignMessageType = "raw"
	Hashed SignMessageType = "hash"
)
type Slot ¶
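// Slot is a versioned holder of secrets of type E.
//
// The listing had the struct on a single line, so the "// version -> secret"
// comment swallowed the Events field and the closing brace. The struct is
// laid out one field per line here.
type Slot[E any] struct {
	Status SlotStatus `json:"status"`
	// ActiveVersion is the key into Secrets of the version currently in use.
	// The declaration does not guarantee that the key exists.
	ActiveVersion int              `json:"active_version"`
	SecretType    CryptoSecretType `json:"type"`
	// Secrets maps version -> secret and is emitted under "versions".
	// NOTE(review): every version is serialized whenever the slot is
	// marshalled — confirm that E holds references (for example serial
	// numbers) rather than raw key or token material.
	Secrets map[int]E `json:"versions"`
	// Events is keyed by time.Time, so two events with an identical timestamp
	// cannot both be kept.
	Events map[time.Time]DeviceEvent `json:"events" gorm:"serializer:json"`
}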
type SlotStatus ¶
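// SlotStatus is the string-backed lifecycle status of a Slot.
//
// The listing had the whole const block on a single line, so the
// "//PreventiveEnroll" comment swallowed every constant after
// SlotRenewalWindow. The block is laid out one constant per line here.
type SlotStatus string

const (
	SlotActive SlotStatus = "ACTIVE"
	// SlotRenewalWindow: PreventiveEnroll.
	SlotRenewalWindow SlotStatus = "RENEWAL_PENDING"
	SlotAboutToExpire SlotStatus = "EXPIRING_SOON"
	SlotExpired       SlotStatus = "EXPIRED"
	// The constant is named SlotRevoke but its wire value is "REVOKED".
	SlotRevoke SlotStatus = "REVOKED"
)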
type Subscription ¶
// Subscription is the persisted record of one user's subscription to an
// event type, with optional conditions and the channel to notify.
type Subscription struct {
	// ID is the GORM primary key.
	ID string `json:"id" gorm:"primaryKey"`
	// NOTE(review): where UserID comes from is not shown here — confirm that
	// it is taken from the authenticated identity and not from the request
	// body, so one user cannot create or read subscriptions for another.
	UserID           string                  `json:"user_id"`
	EventType        EventType               `json:"event_type"`
	SubscriptionDate time.Time               `json:"subscription_ts"`
	Conditions       []SubscriptionCondition `json:"conditions" gorm:"serializer:json"`
	Channel          Channel                 `json:"channel" gorm:"serializer:json"`
}
type SubscriptionCondition ¶
// SubscriptionCondition is one filter on a Subscription: a condition kind and
// the condition text.
type SubscriptionCondition struct {
	Type ConditionType `json:"type"`
	// NOTE(review): presumably a JSON Schema document or a JSONPath
	// expression, depending on Type, supplied by the subscriber — confirm
	// that the evaluator bounds size and evaluation cost.
	Condition string `json:"condition"`
}
type SupportedKeyTypeInfo ¶
type TimeDuration ¶
func (TimeDuration) MarshalJSON ¶
func (c TimeDuration) MarshalJSON() ([]byte, error)
func (TimeDuration) String ¶
func (c TimeDuration) String() string
func (*TimeDuration) UnmarshalJSON ¶
func (c *TimeDuration) UnmarshalJSON(data []byte) error
type UpdateModel ¶
// UpdateModel carries the value of type E before ("previous") and after
// ("updated") a change.
type UpdateModel[E any] struct {
	Previous E `json:"previous"`
	Updated  E `json:"updated"`
}
type WebhookChannelConfig ¶
type X509Certificate ¶
// X509Certificate is a defined type over the standard library's
// x509.Certificate.
//
// A defined type does not inherit the methods of its underlying type, so
// methods such as Verify are not available on an X509Certificate directly;
// convert with (*x509.Certificate)(c) first. This page lists GormDataType,
// MarshalJSON, Scan, String, UnmarshalJSON and Value as the methods declared
// on this type.
// NOTE(review): decoding with UnmarshalJSON or Scan presumably only parses
// the certificate — confirm; parsing alone says nothing about chain validity,
// expiry or revocation.
type X509Certificate x509.Certificate
--------------------------------------------
func (X509Certificate) GormDataType ¶
func (X509Certificate) GormDataType() string
func (*X509Certificate) MarshalJSON ¶
func (c *X509Certificate) MarshalJSON() ([]byte, error)
func (*X509Certificate) Scan ¶
func (c *X509Certificate) Scan(value interface{}) error
func (*X509Certificate) String ¶
func (c *X509Certificate) String() string
func (*X509Certificate) UnmarshalJSON ¶
func (c *X509Certificate) UnmarshalJSON(data []byte) error
type X509CertificateRequest ¶
// X509CertificateRequest is a defined type over the standard library's
// x509.CertificateRequest.
//
// A defined type does not inherit the methods of its underlying type, so
// CheckSignature is not available on an X509CertificateRequest directly;
// convert with (*x509.CertificateRequest)(c) first. This page lists
// MarshalJSON and UnmarshalJSON as the methods declared on this type.
// NOTE(review): confirm that the CSR's self-signature is checked after
// decoding and before anything is issued from it.
type X509CertificateRequest x509.CertificateRequest
--------------------------------------------
func (*X509CertificateRequest) MarshalJSON ¶
func (c *X509CertificateRequest) MarshalJSON() ([]byte, error)
func (*X509CertificateRequest) UnmarshalJSON ¶
func (c *X509CertificateRequest) UnmarshalJSON(data []byte) error