Documentation
¶
Index ¶
- Constants
- Variables
- func AWSIoTMetadataKey(connectorID string) string
- func AWSIoTSource(id string) string
- func DurationToString(d time.Duration) string
- func ParseDuration(s string) (time.Duration, error)
- type APIServiceInfo
- type AWSIoTPolicy
- type AWSIoTRegistrationMode
- type AlertLatestEvent
- type AuthOptionsClientCertificate
- type BindIdentityToDeviceOutput
- type CAAttachedToDevice
- type CACertificate
- type CACertificatesStats
- type CADistributionSettings
- type CAMetadataMonitoringExpirationDeltas
- type CAStats
- type Certificate
- type CertificateStatus
- type CertificateType
- type CertificatesStats
- type Channel
- type ChannelType
- type ConditionType
- type CryptoEngineInfo
- type CryptoEngineProvider
- type CryptoEngineSL
- type CryptoEngineType
- type CryptoSecretType
- type DMS
- type DMSSettings
- type DMSStats
- type DMSStatus
- type Device
- type DeviceAWSMetadata
- type DeviceEvent
- type DeviceEventType
- type DeviceProvisionProfile
- type DeviceStatus
- type DevicesStats
- type DigitalTwinActionTracker
- type DigitalTwinIdentityState
- type DigitalTwinRemediationActionState
- type ESTAuthMode
- type ESTClientAuthOptionsMutualTLS
- type ESTServerAuthOptionJWT
- type ESTServerAuthOptionPSK
- type ESTServerAuthOptionsClientCertificate
- type EmailConfig
- type EnrollReenrollEvent
- type EnrollmentOptionsESTRFC7030
- type EnrollmentProto
- type EnrollmentSettings
- type EventType
- type Expiration
- type ExpirationTimeRef
- type IoTAWSCAMetadata
- type IotAWSDMSMetadata
- type IssuerCAMetadata
- type KeyMetadata
- type KeyStrength
- type KeyStrengthMetadata
- type KeyType
- type LamassuConfiguration
- type MSTeamsChannelConfig
- type MonitoringExpirationDelta
- type ReEnrollmentSettings
- type RegistrationMode
- type RemediateTracker
- type RemediationActionType
- type RevocationReason
- type SignMessageType
- type Slot
- type SlotStatus
- type Subject
- type Subscription
- type SubscriptionCondition
- type SupportedKeyTypeInfo
- type TimeDuration
- type UpdateModel
- type WebhookChannelConfig
- type X509Certificate
- func (X509Certificate) GormDataType() string
- func (c *X509Certificate) MarshalJSON() ([]byte, error)
- func (c *X509Certificate) Scan(value interface{}) error
- func (c *X509Certificate) String() string
- func (c *X509Certificate) UnmarshalJSON(data []byte) error
- func (c X509Certificate) Value() (driver.Value, error)
- type X509CertificateRequest
Constants ¶
View Source
const ( ESTServerKeyGenBitSize = "ESTServerKeyGenBitSize" ESTServerKeyGenKeyType = "ESTServerKeyGenKeyType" )
View Source
const ( NoneAWSIoTRegistrationMode = "none" JitpAWSIoTRegistrationMode = "jitp" AutomaticAWSIoTRegistrationMode = "auto" )
View Source
const AlertsSource = "lrn://service/lamassuiot-alerts"
View Source
const (
CAAttachedToDeviceKey = "lamassu.io/ca/attached-to"
)
View Source
const (
CAMetadataMonitoringExpirationDeltasKey = "lamassu.io/ca/expiration-deltas"
)
View Source
const CASource = "lrn://service/lamassuiot-ca"
View Source
const ContextSourceKey = "_lms/event-source-id"
View Source
const DMSManagerSource = "lrn://service/lamassuiot-ra"
View Source
const DeviceManagerSource = "lrn://service/lamassuiot-devmanager"
View Source
const HttpSourceHeader = "x-lms-source"
View Source
const VASource = "lrn://service/lamassuiot-va"
Variables ¶
View Source
var RevocationReasonMap = map[int]string{
0: "Unspecified",
1: "KeyCompromise",
2: "CACompromise",
3: "AffiliationChanged",
4: "Superseded",
5: "CessationOfOperation",
6: "CertificateHold",
8: "RemoveFromCRL",
9: "PrivilegeWithdrawn",
10: "AACompromise",
}
Functions ¶
func AWSIoTMetadataKey ¶
func AWSIoTSource ¶
func DurationToString ¶
String returns a string representing the duration in the form "1w4d2h3m5s". Units with 0 values aren't returned, for example: 1d1ms is 1 day 1 milliseconds
func ParseDuration ¶
ParseDuration parses a duration string. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h", "d", "w", "y".
Types ¶
type APIServiceInfo ¶
type AWSIoTPolicy ¶
type AWSIoTRegistrationMode ¶
type AWSIoTRegistrationMode string
type AlertLatestEvent ¶
type BindIdentityToDeviceOutput ¶
type BindIdentityToDeviceOutput struct {
Certificate *Certificate `json:"certificate"`
DMS *DMS `json:"dms"`
Device *Device `json:"device"`
}
type CAAttachedToDevice ¶
type CACertificate ¶
type CACertificate struct {
Certificate
ID string `json:"id" gorm:"primaryKey"`
Metadata map[string]interface{} `json:"metadata" gorm:"serializer:json"`
IssuanceExpirationRef Expiration `json:"issuance_expiration" gorm:"serializer:json"`
Type CertificateType `json:"type"`
CreationTS time.Time `json:"creation_ts"`
Level int `json:"level"`
}
type CACertificatesStats ¶
type CACertificatesStats struct {
TotalCAs int `json:"total"`
CAsDistributionPerEngine map[string]int `json:"engine_distribution"`
CAsStatus map[CertificateStatus]int `json:"status_distribution"`
}
type CADistributionSettings ¶
type CAMetadataMonitoringExpirationDeltas ¶
type CAMetadataMonitoringExpirationDeltas []MonitoringExpirationDelta
type CAStats ¶
type CAStats struct {
CACertificatesStats CACertificatesStats `json:"cas"`
CertificatesStats CertificatesStats `json:"certificates"`
}
type Certificate ¶
type Certificate struct {
SerialNumber string `json:"serial_number" gorm:"primaryKey"`
Metadata map[string]interface{} `json:"metadata" gorm:"serializer:json"`
IssuerCAMetadata IssuerCAMetadata `json:"issuer_metadata" gorm:"embedded;embeddedPrefix:issuer_meta_"`
Status CertificateStatus `json:"status"`
Certificate *X509Certificate `json:"certificate"`
KeyMetadata KeyStrengthMetadata `json:"key_metadata" gorm:"embedded;embeddedPrefix:key_strength_meta_"`
Subject Subject `json:"subject" gorm:"embedded;embeddedPrefix:subject_"`
ValidFrom time.Time `json:"valid_from"`
ValidTo time.Time `json:"valid_to"`
RevocationTimestamp time.Time `json:"revocation_timestamp"`
RevocationReason RevocationReason `json:"revocation_reason"`
Type CertificateType `json:"type"`
EngineID string `json:"engine_id"`
}
type CertificateStatus ¶
type CertificateStatus string
const ( StatusActive CertificateStatus = "ACTIVE" StatusExpired CertificateStatus = "EXPIRED" StatusRevoked CertificateStatus = "REVOKED" )
type CertificateType ¶
type CertificateType string
const ( CertificateTypeManaged CertificateType = "MANAGED" CertificateTypeImportedWithKey CertificateType = "IMPORTED" CertificateTypeExternal CertificateType = "EXTERNAL" )
type CertificatesStats ¶
type CertificatesStats struct {
TotalCertificates int `json:"total"`
CertificateDistributionPerCA map[string]int `json:"ca_distribution"`
CertificateStatus map[CertificateStatus]int `json:"status_distribution"`
}
type Channel ¶
type Channel struct {
Type ChannelType `json:"type"`
Name string `json:"name"`
Config any `json:"config" gorm:"serializer:json"`
}
type ChannelType ¶
type ChannelType string
const ( ChannelTypeEmail ChannelType = "EMAIL" ChannelTypeMSTeams ChannelType = "MSTEAMS" ChannelTypeWebhook ChannelType = "WEBHOOK" )
type ConditionType ¶
type ConditionType string
const ( JSONSchema ConditionType = "JSON-SCHEMA" JSONPath ConditionType = "JSON-PATH" )
type CryptoEngineInfo ¶
type CryptoEngineInfo struct {
Type CryptoEngineType `json:"type"`
SecurityLevel CryptoEngineSL `json:"security_level"`
Provider string `json:"provider"`
Name string `json:"name"`
Metadata map[string]any `json:"metadata"`
SupportedKeyTypes []SupportedKeyTypeInfo `json:"supported_key_types"`
}
type CryptoEngineProvider ¶
type CryptoEngineProvider struct {
CryptoEngineInfo
ID string `json:"id"`
Default bool `json:"default"`
}
type CryptoEngineSL ¶
type CryptoEngineSL int
const ( SL0 CryptoEngineSL = 0 SL1 CryptoEngineSL = 1 SL2 CryptoEngineSL = 2 )
type CryptoEngineType ¶
type CryptoEngineType string
const ( PKCS11 CryptoEngineType = "PKCS11" AzureKeyVault CryptoEngineType = "AZURE_KEY_VAULT" Golang CryptoEngineType = "GOLANG" VaultKV2 CryptoEngineType = "HASHICORP_VAULT_KV_V2" AWSKMS CryptoEngineType = "AWS_KMS" AWSSecretsManager CryptoEngineType = "AWS_SECRETS_MANAGER" )
type CryptoSecretType ¶
type CryptoSecretType string
const ( TokenSlotProfile CryptoSecretType = "TOKEN" X509SlotProfileType CryptoSecretType = "x509" SshKeySlotProfileType CryptoSecretType = "SSH_KEY" OtherSlotProfileType CryptoSecretType = "OTHER" )
type DMSSettings ¶
type DMSSettings struct {
EnrollmentSettings EnrollmentSettings `json:"enrollment_settings"`
ReEnrollmentSettings ReEnrollmentSettings `json:"reenrollment_settings"`
CADistributionSettings CADistributionSettings `json:"ca_distribution_settings"`
}
type Device ¶
type Device struct {
ID string `json:"id" gorm:"primaryKey"`
Tags []string `json:"tags" gorm:"serializer:json"`
Status DeviceStatus `json:"status"`
Icon string `json:"icon"`
IconColor string `json:"icon_color"`
CreationTimestamp time.Time `json:"creation_timestamp"`
Metadata map[string]any `json:"metadata" gorm:"serializer:json"`
DMSOwner string `json:"dms_owner"`
IdentitySlot *Slot[string] `json:"identity,omitempty" gorm:"serializer:json"`
ExtraSlots map[string]*Slot[any] `json:"slots" gorm:"serializer:json"`
Events map[time.Time]DeviceEvent `json:"events" gorm:"serializer:json"`
}
type DeviceAWSMetadata ¶
type DeviceAWSMetadata struct {
Registered bool `json:"thing_registered"`
Actions []RemediationActionType `json:"actions"`
}
type DeviceEvent ¶
type DeviceEvent struct {
EvenType DeviceEventType `json:"type"`
EventDescriptions string `json:"description"`
}
type DeviceEventType ¶
type DeviceEventType string
const ( DeviceEventTypeCreated DeviceEventType = "CREATED" DeviceEventTypeProvisioned DeviceEventType = "PROVISIONED" DeviceEventTypeReProvisioned DeviceEventType = "RE-PROVISIONED" DeviceEventTypeRenewed DeviceEventType = "RENEWED" DeviceEventTypeShadowUpdated DeviceEventType = "SHADOW-UPDATED" DeviceEventTypeStatusUpdated DeviceEventType = "STATUS-UPDATED" DeviceEventTypeStatusDecommissioned DeviceEventType = "DECOMMISSIONED" )
type DeviceProvisionProfile ¶
type DeviceStatus ¶
type DeviceStatus string
const ( DeviceNoIdentity DeviceStatus = "NO_IDENTITY" DeviceActive DeviceStatus = "ACTIVE" DeviceRenewalWindow DeviceStatus = "RENEWAL_PENDING" //A slot should be ReEnrolled DeviceAboutToExpire DeviceStatus = "EXPIRING_SOON" //A slot has a Critical certificate and should be ReEnrolled DeviceExpired DeviceStatus = "EXPIRED" DeviceRevoked DeviceStatus = "REVOKED" DeviceDecommissioned DeviceStatus = "DECOMMISSIONED" )
type DevicesStats ¶
type DevicesStats struct {
TotalDevices int `json:"total"`
DevicesStatus map[DeviceStatus]int `json:"status_distribution"`
}
type DigitalTwinIdentityState ¶
type DigitalTwinIdentityState map[RemediationActionType]*DigitalTwinActionTracker
type DigitalTwinRemediationActionState ¶
type DigitalTwinRemediationActionState struct {
RemediationType RemediationActionType `json:"action"`
LamassuInstance LamassuConfiguration `json:"lamassu_instance"`
}
type ESTAuthMode ¶
type ESTAuthMode string
const ( ESTAuthModeNoAuth ESTAuthMode = "NO_AUTH" ESTAuthModeClientCertificate ESTAuthMode = "CLIENT_CERTIFICATE" )
type ESTClientAuthOptionsMutualTLS ¶
type ESTClientAuthOptionsMutualTLS struct {
Certificate *X509Certificate
PrivateKey interface{}
}
type ESTServerAuthOptionJWT ¶
type ESTServerAuthOptionJWT struct {
}
type ESTServerAuthOptionPSK ¶
type ESTServerAuthOptionPSK struct {
}
type ESTServerAuthOptionsClientCertificate ¶
type ESTServerAuthOptionsClientCertificate struct {
ClientCertificate *x509.Certificate
}
type EmailConfig ¶
type EmailConfig struct {
Email string `json:"email"`
}
type EnrollReenrollEvent ¶
type EnrollReenrollEvent struct {
Certificate *X509Certificate `json:"certificate"`
APS string `json:"aps"`
}
type EnrollmentOptionsESTRFC7030 ¶
type EnrollmentOptionsESTRFC7030 struct {
AuthMode ESTAuthMode `json:"auth_mode"`
AuthOptionsMTLS AuthOptionsClientCertificate `json:"client_certificate_settings"`
}
type EnrollmentSettings ¶
type EnrollmentSettings struct {
EnrollmentProtocol EnrollmentProto `json:"protocol"`
EnrollmentOptionsESTRFC7030 EnrollmentOptionsESTRFC7030 `json:"est_rfc7030_settings"`
DeviceProvisionProfile DeviceProvisionProfile `json:"device_provisioning_profile"`
EnrollmentCA string `json:"enrollment_ca"`
EnableReplaceableEnrollment bool `json:"enable_replaceable_enrollment"` //switch-like option that enables enrolling, already enrolled devices
RegistrationMode RegistrationMode `json:"registration_mode"`
}
type EventType ¶
type EventType string
const ( EventCreateCAKey EventType = "ca.create" EventImportCAKey EventType = "ca.import" EventUpdateCAStatusKey EventType = "ca.update.status" EventUpdateCAMetadataKey EventType = "ca.update.metadata" EventSignCertificateKey EventType = "ca.sign.certificate" EventSignatureSignKey EventType = "ca.sign.signature" EventDeleteCAKey EventType = "ca.delete" EventCreateCertificateKey EventType = "certificate.create" EventImportCertificateKey EventType = "certificate.import" EventUpdateCertificateStatusKey EventType = "certificate.update.status" EventUpdateCertificateMetadataKey EventType = "certificate.update.metadata" EventCreateDMSKey EventType = "dms.create" EventUpdateDMSMetadataKey EventType = "dms.update.metadata" EventEnrollKey EventType = "dms.enroll" EventReEnrollKey EventType = "dms.reenroll" EventBindDeviceIdentityKey EventType = "dms.bind-device-id" EventCreateDeviceKey EventType = "device.create" EventUpdateDeviceIDSlotKey EventType = "device.update.identity" EventUpdateDeviceStatusKey EventType = "device.update.status" EventUpdateDeviceMetadataKey EventType = "device.update.metadata" )
type Expiration ¶
type Expiration struct {
Type ExpirationTimeRef `json:"type"`
Duration *TimeDuration `json:"duration,omitempty"`
Time *time.Time `json:"time,omitempty"`
}
type ExpirationTimeRef ¶
type ExpirationTimeRef string
var ( Duration ExpirationTimeRef = "Duration" Time ExpirationTimeRef = "Time" )
type IoTAWSCAMetadata ¶
type IotAWSDMSMetadata ¶
type IotAWSDMSMetadata struct {
RegistrationMode AWSIoTRegistrationMode `json:"registration_mode"`
GroupNames []string `json:"groups,omitempty"`
Policies []AWSIoTPolicy `json:"policies,omitempty"`
JITPProvisioningTemplate struct {
ARN string `json:"arn,omitempty"`
AWSCACertificateId string `json:"aws_ca_id,omitempty"`
ProvisioningRoleArn string `json:"provisioning_role_arn"`
EnableTemplate bool `json:"enable_template"`
} `json:"jitp_config,omitempty"`
ShadowConfig struct {
Enable bool `json:"enable"`
ShadowName string `json:"shadow_name,omitempty"`
} `json:"shadow_config,omitempty"`
}
type IssuerCAMetadata ¶
type KeyMetadata ¶
type KeyStrength ¶
type KeyStrength string
const ( KeyStrengthHigh KeyStrength = "HIGH" KeyStrengthMedium KeyStrength = "MEDIUM" KeyStrengthLow KeyStrength = "LOW" )
type KeyStrengthMetadata ¶
type KeyStrengthMetadata struct {
Type KeyType `json:"type"`
Bits int `json:"bits"`
Strength KeyStrength `json:"strength"`
}
type KeyType ¶
type KeyType x509.PublicKeyAlgorithm
func (KeyType) MarshalJSON ¶
func (*KeyType) UnmarshalJSON ¶
type LamassuConfiguration ¶
type MSTeamsChannelConfig ¶
type MSTeamsChannelConfig struct {
WebhookURL string `json:"webhook_url"`
}
type MonitoringExpirationDelta ¶
type MonitoringExpirationDelta struct {
Delta TimeDuration `json:"delta"`
Name string `json:"name"`
Triggered bool `json:"triggered"`
}
type ReEnrollmentSettings ¶
type ReEnrollmentSettings struct {
AdditionalValidationCAs []string `json:"additional_validation_cas"`
ReEnrollmentDelta TimeDuration `json:"reenrollment_delta"`
EnableExpiredRenewal bool `json:"enable_expired_renewal"`
PreventiveReEnrollmentDelta TimeDuration `json:"preventive_delta"` // (expiration time - delta < time.now) at witch point an event is issued notify its time to reenroll
CriticalReEnrollmentDelta TimeDuration `json:"critical_delta"` // (expiration time - delta < time.now) at witch point an event is issued notify critical status
}
type RegistrationMode ¶
type RegistrationMode string
const ( JITP RegistrationMode = "JITP" PreRegistration RegistrationMode = "PRE_REGISTRATION" )
type RemediateTracker ¶
type RemediateTracker struct {
ActiveDigitalTwinIdentityState DigitalTwinIdentityState
Historical []*DigitalTwinActionTracker
}
type RemediationActionType ¶
type RemediationActionType string
const ( RemediationActionUpdateTrustAnchorList RemediationActionType = "UPDATE_TRUST_ANCHOR_LIST" RemediationActionUpdateCertificate RemediationActionType = "UPDATE_CERTIFICATE" )
type RevocationReason ¶
type RevocationReason int
func (RevocationReason) MarshalJSON ¶
func (c RevocationReason) MarshalJSON() ([]byte, error)
func (RevocationReason) MarshalText ¶
func (p RevocationReason) MarshalText() ([]byte, error)
func (RevocationReason) String ¶
func (c RevocationReason) String() string
func (*RevocationReason) UnmarshalJSON ¶
func (c *RevocationReason) UnmarshalJSON(data []byte) error
func (*RevocationReason) UnmarshalText ¶
func (p *RevocationReason) UnmarshalText(text []byte) (err error)
type SignMessageType ¶
type SignMessageType string
const ( Raw SignMessageType = "raw" Hashed SignMessageType = "hash" )
type Slot ¶
type Slot[E any] struct { Status SlotStatus `json:"status"` ActiveVersion int `json:"active_version"` SecretType CryptoSecretType `json:"type"` Secrets map[int]E `json:"versions"` // version -> secret Events map[time.Time]DeviceEvent `json:"events" gorm:"serializer:json"` }
type SlotStatus ¶
type SlotStatus string
const ( SlotActive SlotStatus = "ACTIVE" SlotRenewalWindow SlotStatus = "RENEWAL_PENDING" //PreventiveEnroll SlotAboutToExpire SlotStatus = "EXPIRING_SOON" SlotExpired SlotStatus = "EXPIRED" SlotRevoke SlotStatus = "REVOKED" )
type Subscription ¶
type Subscription struct {
ID string `json:"id" gorm:"primaryKey"`
UserID string `json:"user_id"`
EventType EventType `json:"event_type"`
SubscriptionDate time.Time `json:"subscription_ts"`
Conditions []SubscriptionCondition `json:"conditions" gorm:"serializer:json"`
Channel Channel `json:"channel" gorm:"serializer:json"`
}
type SubscriptionCondition ¶
type SubscriptionCondition struct {
Type ConditionType `json:"type"`
Condition string `json:"condition"`
}
type SupportedKeyTypeInfo ¶
type TimeDuration ¶
func (TimeDuration) MarshalJSON ¶
func (c TimeDuration) MarshalJSON() ([]byte, error)
func (TimeDuration) String ¶
func (c TimeDuration) String() string
func (*TimeDuration) UnmarshalJSON ¶
func (c *TimeDuration) UnmarshalJSON(data []byte) error
type UpdateModel ¶
type UpdateModel[E any] struct { Previous E `json:"previous"` Updated E `json:"updated"` }
type WebhookChannelConfig ¶
type X509Certificate ¶
type X509Certificate x509.Certificate
--------------------------------------------
func (X509Certificate) GormDataType ¶
func (X509Certificate) GormDataType() string
func (*X509Certificate) MarshalJSON ¶
func (c *X509Certificate) MarshalJSON() ([]byte, error)
func (*X509Certificate) Scan ¶
func (c *X509Certificate) Scan(value interface{}) error
func (*X509Certificate) String ¶
func (c *X509Certificate) String() string
func (*X509Certificate) UnmarshalJSON ¶
func (c *X509Certificate) UnmarshalJSON(data []byte) error
type X509CertificateRequest ¶
type X509CertificateRequest x509.CertificateRequest
--------------------------------------------
func (*X509CertificateRequest) MarshalJSON ¶
func (c *X509CertificateRequest) MarshalJSON() ([]byte, error)
func (*X509CertificateRequest) UnmarshalJSON ¶
func (c *X509CertificateRequest) UnmarshalJSON(data []byte) error
Source Files
Click to show internal directories.
Click to hide internal directories.