keymanager

package

v1.1.4 Latest Latest Go to latest Published: Apr 13, 2022 License: Apache-2.0 Imports: 15 Imported by: 8

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/spiffe/spire

Links

Open Source Insights

Documentation ¶

Index ¶

type Key
type KeyManager
type KeyType
- func (keyType KeyType) GenerateSigner() (crypto.Signer, error)
- func (keyType KeyType) String() string
type Repository
type SVIDKeyManager
- func ForSVID(km KeyManager) SVIDKeyManager
type V1

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Key ¶ added in v1.0.0

type Key interface {
	crypto.Signer

	// ID returns the ID of the key in the KeyManager.
	ID() string
}

Key is a KeyManager-backed key

type KeyManager ¶

type KeyManager interface {
	catalog.PluginInfo

	// GenerateKey generates a key with the given ID and key type. If a key
	// with that ID already exists, it is overwritten.
	GenerateKey(ctx context.Context, id string, keyType KeyType) (Key, error)

	// GetKey returns the key with the given ID. If a key with that ID does
	// not exist, a status of codes.NotFound is returned.
	GetKey(ctx context.Context, id string) (Key, error)

	// GetKeys returns all keys managed by the KeyManager.
	GetKeys(ctx context.Context) ([]Key, error)
}

KeyManager provides either a single or multi-key key manager

type KeyType ¶ added in v1.0.0

type KeyType int

KeyType represents the types of keys that are supported by the KeyManager.

const (
	KeyTypeUnset KeyType = iota
	ECP256
	ECP384
	RSA2048
	RSA4096
)

func (KeyType) GenerateSigner ¶ added in v1.0.0

func (keyType KeyType) GenerateSigner() (crypto.Signer, error)

GenerateSigner generates a new key for the given key type

func (KeyType) String ¶ added in v1.0.0

func (keyType KeyType) String() string

String returns the string representation of the key type

type Repository ¶ added in v1.0.0

type Repository struct {
	KeyManager KeyManager
}

func (*Repository) Clear ¶ added in v1.0.0

func (repo *Repository) Clear()

func (*Repository) GetKeyManager ¶ added in v1.0.0

func (repo *Repository) GetKeyManager() KeyManager

func (*Repository) SetKeyManager ¶ added in v1.0.0

func (repo *Repository) SetKeyManager(keyManager KeyManager)

type SVIDKeyManager ¶ added in v1.0.0

type SVIDKeyManager interface {
	GenerateKey(ctx context.Context, currentKey Key) (Key, error)
	GetKeys(ctx context.Context) ([]Key, error)
}

SVIDKeyManager is a wrapper around the key manager specifically used for managing the agent SVID. This is more or less a short term shim until we can remove support for the v0 plugins and no longer have to adapt SVID storage to both the "single" and "multi" key manager.

func ForSVID ¶ added in v1.0.0

func ForSVID(km KeyManager) SVIDKeyManager

type V1 ¶ added in v1.0.0

type V1 struct {
	plugin.Facade

	keymanagerv1.KeyManagerPluginClient
}

func (V1) GenerateKey ¶ added in v1.0.0

func (v1 V1) GenerateKey(ctx context.Context, id string, keyType KeyType) (Key, error)

func (V1) GetKey ¶ added in v1.0.0

func (v1 V1) GetKey(ctx context.Context, id string) (Key, error)

func (V1) GetKeys ¶ added in v1.0.0

func (v1 V1) GetKeys(ctx context.Context) ([]Key, error)

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
base
disk
memory
test

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL