sshagentkms

package

v0.44.8 Latest Latest Go to latest Published: Apr 26, 2024 License: Apache-2.0 Imports: 17 Imported by: 3

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/smallstep/crypto

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func NewWrappedSignerFromSSHSigner(signer ssh.Signer) crypto.Signer
type SSHAgentKMS
- func New(_ context.Context, _ apiv1.Options) (*SSHAgentKMS, error)
- func NewFromAgent(_ context.Context, _ apiv1.Options, agentClient agent.Agent) (*SSHAgentKMS, error)
type WrappedSSHSigner

Constants ¶

View Source

const Scheme = string(apiv1.SSHAgentKMS)

Scheme is the scheme used in uris, the string "sshagentkms".

Variables ¶

This section is empty.

Functions ¶

func NewWrappedSignerFromSSHSigner ¶

func NewWrappedSignerFromSSHSigner(signer ssh.Signer) crypto.Signer

NewWrappedSignerFromSSHSigner returns a new crypto signer wrapping the given one.

Types ¶

type SSHAgentKMS ¶

type SSHAgentKMS struct {
	// contains filtered or unexported fields
}

SSHAgentKMS is a key manager that uses keys provided by ssh-agent

func New ¶

func New(_ context.Context, _ apiv1.Options) (*SSHAgentKMS, error)

New returns a new SSHAgentKMS.

func NewFromAgent ¶

func NewFromAgent(_ context.Context, _ apiv1.Options, agentClient agent.Agent) (*SSHAgentKMS, error)

NewFromAgent initializes an SSHAgentKMS from a given agent, this method is used for testing purposes.

func (*SSHAgentKMS) Close ¶

func (k *SSHAgentKMS) Close() error

Close closes the agent. This is a noop for the SSHAgentKMS.

func (*SSHAgentKMS) CreateKey ¶

func (k *SSHAgentKMS) CreateKey(_ *apiv1.CreateKeyRequest) (*apiv1.CreateKeyResponse, error)

CreateKey generates a new key and returns both public and private key.

func (*SSHAgentKMS) CreateSigner ¶

func (k *SSHAgentKMS) CreateSigner(req *apiv1.CreateSignerRequest) (crypto.Signer, error)

CreateSigner returns a new signer configured with the given signing key. Note that because of the way an SSH agent and x509.CreateCertificate works, this signer can only properly sign X509 certificates if the key type is Ed25519.

func (*SSHAgentKMS) GetPublicKey ¶

func (k *SSHAgentKMS) GetPublicKey(req *apiv1.GetPublicKeyRequest) (crypto.PublicKey, error)

GetPublicKey returns the public key from the file passed in the request name.

type WrappedSSHSigner ¶

type WrappedSSHSigner struct {
	Signer ssh.Signer
	// contains filtered or unexported fields
}

WrappedSSHSigner is a utility type to wrap a ssh.Signer as a crypto.Signer

func (*WrappedSSHSigner) LastSignature ¶

func (s *WrappedSSHSigner) LastSignature() *ssh.Signature

LastSignature returns the ssh.Signature in the last sign operation if any.

func (*WrappedSSHSigner) Public ¶

func (s *WrappedSSHSigner) Public() crypto.PublicKey

Public returns the agent public key. The type of this public key is *agent.Key.

func (*WrappedSSHSigner) Sign ¶

func (s *WrappedSSHSigner) Sign(rand io.Reader, data []byte, opts crypto.SignerOpts) (signature []byte, err error)

Sign signs the given digest using the ssh agent and returns the signature. Note that because of the way an SSH agent and x509.CreateCertificate works, this signer can only properly sign X509 certificates if the key type is Ed25519.

Source Files ¶

View all Source files

sshagentkms.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL