kms

package
v0.52.0 Latest

This package is not in the latest version of its module.
Published: Sep 30, 2025 License: MIT Imports: 6 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client

Client is an interface that defines the methods for interacting with AWS KMS. We only expose the methods that are needed for our use case, which is to get a public key and sign data.

These methods are directly copied from the kms.Client interface in the AWS SDK for Go v1.

func NewClient

func NewClient(config ClientConfig) (Client, error)

NewClient constructs a new kmslib.KMS instance using the provided configuration. This adheres to the KMSClient interface, allowing for signing and public key retrieval using AWS KMS.

type ClientConfig

type ClientConfig struct {
	// Required: KeyID is the AWS KMS key ID or ARN to use for signing.
	KeyID string
	// Required: KeyRegion is the AWS region where the KMS key is located.
	KeyRegion string
	// Optional: AWSProfile is the name of the AWS profile to use for authentication.
	// If not provided, environment variables will be used to determine the AWS profile.
	AWSProfile string
}

ClientConfig holds the configuration for the AWS KMS client.

type ECDSASig

type ECDSASig struct {
	R asn1.RawValue
	S asn1.RawValue
}

ECDSASig represents the ECDSA signature structure as defined in [RFC 3279] in ASN.1 format. This structure is used to unpack the ECDSA signature returned by AWS KMS when signing data.

[RFC 3279] https://datatracker.ietf.org/doc/html/rfc3279#section-2.2.3

type SPKI

type SPKI struct {
	AlgorithmIdentifier SPKIAlgorithmIdentifier
	SubjectPublicKey    asn1.BitString
}

SPKI represents the SubjectPublicKeyInfo structure as defined in RFC 5280 in ASN.1 format.

The public key that AWS KMS returns is a DER-encoded X.509 public key, also known as SubjectPublicKeyInfo (SPKI). This structure is used to unpack the public key returned by the KMS GetPublicKey API call.

For more details, see the AWS KMS documentation on GetPublicKey response syntax.

type SPKIAlgorithmIdentifier

type SPKIAlgorithmIdentifier struct {
	Algorithm  asn1.ObjectIdentifier
	Parameters asn1.ObjectIdentifier
}

SPKIAlgorithmIdentifier represents the AlgorithmIdentifier structure for the SubjectPublicKeyInfo (SPKI) in ASN.1 format.
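
The following is an added example, not part of this package's own code. It redeclares the ECDSASig, SPKI and SPKIAlgorithmIdentifier types documented above and uses them to unpack a DER public key and a DER signature of the kind the page says KMS returns, rejecting trailing bytes and pinning the curve before verifying. VerifyDER and Sample are hypothetical names, and a locally generated P-256 key stands in for the KMS responses.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/asn1"
	"fmt"
	"math/big"
)

// Local copies of the page's types, so the example runs without the package.
type ECDSASig struct{ R, S asn1.RawValue }
type SPKIAlgorithmIdentifier struct{ Algorithm, Parameters asn1.ObjectIdentifier }
type SPKI struct {
	AlgorithmIdentifier SPKIAlgorithmIdentifier
	SubjectPublicKey    asn1.BitString
}
var oidECPublicKey = asn1.ObjectIdentifier{1, 2, 840, 10045, 2, 1} // id-ecPublicKey
var oidP256 = asn1.ObjectIdentifier{1, 2, 840, 10045, 3, 1, 7}     // prime256v1

// VerifyDER (hypothetical helper) strictly unpacks both DER blobs, then verifies.
func VerifyDER(spkiDER, sigDER, digest []byte) (bool, error) {
	spki, sig := SPKI{}, ECDSASig{}
	rest1, err1 := asn1.Unmarshal(spkiDER, &spki)
	rest2, err2 := asn1.Unmarshal(sigDER, &sig)
	if err1 != nil || err2 != nil || len(rest1)+len(rest2) > 0 ||
		sig.R.Tag != asn1.TagInteger || sig.S.Tag != asn1.TagInteger {
		return false, fmt.Errorf("malformed DER, trailing bytes, or r/s not INTEGER")
	}
	x, y := elliptic.Unmarshal(elliptic.P256(), spki.SubjectPublicKey.Bytes) // nil if off-curve
	if a := spki.AlgorithmIdentifier; x == nil || !a.Algorithm.Equal(oidECPublicKey) || !a.Parameters.Equal(oidP256) {
		return false, fmt.Errorf("not a valid P-256 EC public key")
	}
	r, s := new(big.Int).SetBytes(sig.R.Bytes), new(big.Int).SetBytes(sig.S.Bytes)
	return ecdsa.Verify(&ecdsa.PublicKey{Curve: elliptic.P256(), X: x, Y: y}, digest, r, s), nil
}

// Sample returns constructed stand-ins for the KMS public key and signature.
func Sample() (spkiDER, sigDER, digest []byte) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	spkiDER, _ = x509.MarshalPKIXPublicKey(&key.PublicKey)
	sum := sha256.Sum256([]byte("constructed message"))
	sigDER, _ = ecdsa.SignASN1(rand.Reader, key, sum[:])
	return spkiDER, sigDER, sum[:]
}

func main() { fmt.Println(VerifyDER(Sample())) }
```

Because the signature fields are asn1.RawValue, the decoder accepts any element type in those positions, which is why the example checks the INTEGER tag itself.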
