rest

package
v1.0.0-rc1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 10, 2023 License: Apache-2.0 Imports: 11 Imported by: 1

Documentation

Index

Constants

// API endpoints.
//
// Route templates for the REST controller. Every route except HealthCheckPath
// is built from BaseV1Path. keyVarName is referenced here but declared
// elsewhere (unexported); by the way it is used it names the key path
// variable, as KeyStoreVarName names the key store one.
//
// NOTE(review): these constants only describe paths. Which authorization
// method applies to a route is carried by Handler.Auth(), so presumably the
// router decides per handler, not per path prefix; confirm that only
// HealthCheckPath is served without authorization.
const (
	// KeyStoreVarName is the name of the key store path variable used in the
	// route templates below.
	KeyStoreVarName = "keystore"

	BaseV1Path           = "/v1"
	KeyStorePath         = BaseV1Path + "/keystores"
	DIDPath              = KeyStorePath + "/did"
	// KeyPath is scoped to one key store; the per-key routes below append the
	// key variable and an operation name to it.
	KeyPath              = KeyStorePath + "/{" + KeyStoreVarName + "}/keys"
	// NOTE(review): the swagger route documented for ExportKey is
	// GET /v1/keystores/{key_store_id}/keys/{key_id}, without the "/export"
	// suffix used here; confirm which of the two is authoritative.
	ExportKeyPath        = KeyPath + "/{" + keyVarName + "}/export"
	RotateKeyPath        = KeyPath + "/{" + keyVarName + "}/rotate"
	SignPath             = KeyPath + "/{" + keyVarName + "}/sign"
	VerifyPath           = KeyPath + "/{" + keyVarName + "}/verify"
	EncryptPath          = KeyPath + "/{" + keyVarName + "}/encrypt"
	DecryptPath          = KeyPath + "/{" + keyVarName + "}/decrypt"
	ComputeMACPath       = KeyPath + "/{" + keyVarName + "}/computemac"
	VerifyMACPath        = KeyPath + "/{" + keyVarName + "}/verifymac"
	SignMultiPath        = KeyPath + "/{" + keyVarName + "}/signmulti"
	VerifyMultiPath      = KeyPath + "/{" + keyVarName + "}/verifymulti"
	DeriveProofPath      = KeyPath + "/{" + keyVarName + "}/deriveproof"
	VerifyProofPath      = KeyPath + "/{" + keyVarName + "}/verifyproof"
	// WrapKeyPath is scoped to the key store only (no key variable), unlike
	// WrapKeyAEPath, which is scoped to a specific key.
	WrapKeyPath          = KeyStorePath + "/{" + KeyStoreVarName + "}/wrap"
	WrapKeyAEPath        = KeyPath + "/{" + keyVarName + "}/wrap"
	UnwrapKeyPath        = KeyPath + "/{" + keyVarName + "}/unwrap"
	BlindPath            = KeyPath + "/{" + keyVarName + "}/blind"
	CorrectnessProofPath = KeyPath + "/{" + keyVarName + "}/correctnessproof"
	SignWithSecretsPath  = KeyPath + "/{" + keyVarName + "}/signwithsecrets"
	// HealthCheckPath is the only route outside the BaseV1Path prefix.
	HealthCheckPath      = "/healthcheck"
)

API endpoints.

Variables

This section is empty.

Functions

This section is empty.

Types

type AuthMethod

type AuthMethod int

AuthMethod represents an authorization method.

// Authorization methods, declared as distinct bits (1 << iota) so that
// several of them can be held in a single AuthMethod value.
const (
	// AuthNone defines that auth is not handled by the service.
	// It is the first entry of a 1 << iota block, so its value is 1, not 0:
	// the zero value of AuthMethod has no flag set, AuthNone included.
	// NOTE(review): how a mask that combines AuthNone with another method is
	// treated is not visible here; confirm it cannot bypass the other method.
	AuthNone AuthMethod = 1 << iota
	// AuthZCAP defines ZCAP as a supported auth method for the handler (value 2).
	AuthZCAP
	// AuthGNAP defines GNAP as a supported auth method for the handler (value 4).
	AuthGNAP
)

func (AuthMethod) HasFlag

func (a AuthMethod) HasFlag(flag AuthMethod) bool

HasFlag checks if the given auth method is set.

type Cmd

// Cmd defines command methods.
//
// Every method has the same shape: it takes an io.Writer and an io.Reader and
// returns an error. Presumably the request is read from r and the response is
// written to w; confirm against the implementation.
//
// NOTE(review): the interface carries no caller identity or authorization
// argument, so access control presumably has to be enforced before a command
// is invoked; verify at the call sites.
type Cmd interface {
	// Key store and key lifecycle commands.
	CreateKeyStore(w io.Writer, r io.Reader) error
	CreateKey(w io.Writer, r io.Reader) error
	ExportKey(w io.Writer, r io.Reader) error
	RotateKey(w io.Writer, r io.Reader) error
	ImportKey(w io.Writer, r io.Reader) error
	// Signature, encryption and MAC commands.
	Sign(w io.Writer, r io.Reader) error
	Verify(w io.Writer, r io.Reader) error
	Encrypt(w io.Writer, r io.Reader) error
	Decrypt(w io.Writer, r io.Reader) error
	ComputeMAC(w io.Writer, r io.Reader) error
	VerifyMAC(w io.Writer, r io.Reader) error
	// Multi-message signature and proof commands.
	SignMulti(w io.Writer, r io.Reader) error
	VerifyMulti(w io.Writer, r io.Reader) error
	DeriveProof(w io.Writer, r io.Reader) error
	VerifyProof(w io.Writer, r io.Reader) error
	// Key wrapping commands. Only WrapKey is declared here although the
	// controller exposes both WrapKey and WrapKeyAE handlers; presumably both
	// routes are served through it (TODO confirm).
	WrapKey(w io.Writer, r io.Reader) error
	UnwrapKey(w io.Writer, r io.Reader) error
	// Blinding, correctness proof and sign-with-secrets commands.
	Blind(w io.Writer, r io.Reader) error
	GetCorrectnessProof(w io.Writer, r io.Reader) error
	SignWithSecrets(w io.Writer, r io.Reader) error
}

Cmd defines command methods.

type ErrorResponse

// ErrorResponse is an error response model.
type ErrorResponse struct {
	// Message is serialized under the JSON key "message".
	// NOTE(review): how Message is populated is not visible here; if it
	// carries the underlying error text verbatim, confirm that it cannot
	// disclose key material or internal details to the caller.
	Message string `json:"message"`
}

ErrorResponse is an error response model.

type HTTPHandler

type HTTPHandler struct {
	// contains filtered or unexported fields
}

HTTPHandler is an HTTP handler for the given path and method.

func NewHTTPHandler

func NewHTTPHandler(path, method string, handler http.HandlerFunc, action string, auth AuthMethod) *HTTPHandler

NewHTTPHandler returns a configured instance of HTTPHandler.

func (*HTTPHandler) Action

func (h *HTTPHandler) Action() string

Action returns an action associated with the request path.

func (*HTTPHandler) Auth

func (h *HTTPHandler) Auth() AuthMethod

Auth returns supported authorization method.

func (*HTTPHandler) Handler

func (h *HTTPHandler) Handler() http.HandlerFunc

Handler returns an HTTP request handler func.

func (*HTTPHandler) Method

func (h *HTTPHandler) Method() string

Method returns an HTTP request method.

func (*HTTPHandler) Path

func (h *HTTPHandler) Path() string

Path returns an HTTP request path.

type Handler

// Handler represents an HTTP handler for controller API endpoint.
type Handler interface {
	// Path returns the HTTP request path the handler is registered for.
	Path() string
	// Method returns the HTTP request method.
	Method() string
	// Handler returns the HTTP request handler func.
	Handler() http.HandlerFunc
	// Action returns the action associated with the request path.
	// NOTE(review): presumably this is the action name checked during
	// authorization; confirm against the router.
	Action() string
	// Auth returns the supported authorization method as an AuthMethod value.
	Auth() AuthMethod
}

Handler represents an HTTP handler for controller API endpoint.

type Operation

type Operation struct {
	// contains filtered or unexported fields
}

Operation represents REST API controller.

func New

func New(cmd Cmd) *Operation

New returns REST API controller.

func (*Operation) Blind

func (o *Operation) Blind(rw http.ResponseWriter, req *http.Request)

Blind swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/blind crypto blindReq

Blinds values with a CL MasterSecret.

Responses:

    200: blindResp
default: errorResp

func (*Operation) ComputeMAC

func (o *Operation) ComputeMAC(rw http.ResponseWriter, req *http.Request)

ComputeMAC swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/computemac crypto computeMACReq

Computes message authentication code (MAC) for data.

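MAC provides symmetric message authentication. The authentication tag computed for the given data lets the recipient verify that the data come from the expected sender and have not been modified. Because the key is shared, any party that can use it can produce a valid tag, so a MAC does not provide non-repudiation.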

Responses:

    200: computeMACResp
default: errorResp

func (*Operation) CreateKey

func (o *Operation) CreateKey(rw http.ResponseWriter, req *http.Request)

CreateKey swagger:route POST /v1/keystores/{key_store_id}/keys kms createKeyReq

Creates a new key.

Responses:

    201: createKeyResp
default: errorResp

func (*Operation) CreateKeyStore

func (o *Operation) CreateKeyStore(rw http.ResponseWriter, req *http.Request)

CreateKeyStore swagger:route POST /v1/keystores kms createKeyStoreReq

Creates a new key store.

Responses:

    201: createKeyStoreResp
default: errorResp

func (*Operation) Decrypt

func (o *Operation) Decrypt(rw http.ResponseWriter, req *http.Request)

Decrypt swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/decrypt crypto decryptReq

Decrypts a ciphertext with associated authenticated data.

The decryption verifies the authenticity and integrity of the associated data, but there are no guarantees with regard to secrecy of that data.

Responses:

    200: decryptResp
default: errorResp

func (*Operation) DeriveProof

func (o *Operation) DeriveProof(rw http.ResponseWriter, req *http.Request)

DeriveProof swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/deriveproof crypto deriveProofReq

Creates a BBS+ signature proof for a list of revealed messages.

Responses:

    200: deriveProofResp
default: errorResp

func (*Operation) Encrypt

func (o *Operation) Encrypt(rw http.ResponseWriter, req *http.Request)

Encrypt swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/encrypt crypto encryptReq

Encrypts a message with associated authenticated data.

Encryption with associated data ensures the authenticity (who the sender is) and integrity (the data has not been tampered with) of the associated data, but not its secrecy: the associated data is authenticated, not encrypted.

Responses:

    200: encryptResp
default: errorResp

func (*Operation) ExportKey

func (o *Operation) ExportKey(rw http.ResponseWriter, req *http.Request)

ExportKey swagger:route GET /v1/keystores/{key_store_id}/keys/{key_id} kms exportKeyReq

Exports a public key.

Responses:

    200: exportKeyResp
default: errorResp

func (*Operation) GetCorrectnessProof

func (o *Operation) GetCorrectnessProof(rw http.ResponseWriter, req *http.Request)

GetCorrectnessProof swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/correctnessproof crypto correctnessProofReq

Gets the correctness proof for a CL CredDef key.

Responses:

    200: correctnessProofResp
default: errorResp

func (*Operation) GetRESTHandlers

func (o *Operation) GetRESTHandlers() []Handler

GetRESTHandlers returns the list of all handlers supported by this controller.

func (*Operation) HealthCheck

func (o *Operation) HealthCheck(rw http.ResponseWriter, _ *http.Request)

HealthCheck swagger:route GET /healthcheck server healthCheckReq

Returns a health check status.

Responses:

    200: healthCheckResp
default: errorResp

func (*Operation) ImportKey

func (o *Operation) ImportKey(rw http.ResponseWriter, req *http.Request)

ImportKey swagger:route PUT /v1/keystores/{key_store_id}/keys kms importKeyReq

Imports a private key.

Responses:

    201: importKeyResp
default: errorResp

func (*Operation) RotateKey

func (o *Operation) RotateKey(rw http.ResponseWriter, req *http.Request)

RotateKey swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/rotate kms rotateKeyReq

Rotates the key.

Responses:

    200: rotateKeyResp
default: errorResp

func (*Operation) Sign

func (o *Operation) Sign(rw http.ResponseWriter, req *http.Request)

Sign swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/sign crypto signReq

Signs a message.

Responses:

    200: signResp
default: errorResp

func (*Operation) SignMulti

func (o *Operation) SignMulti(rw http.ResponseWriter, req *http.Request)

SignMulti swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/signmulti crypto signMultiReq

Creates a BBS+ signature of messages.

Responses:

    200: signMultiResp
default: errorResp

func (*Operation) SignWithSecrets

func (o *Operation) SignWithSecrets(rw http.ResponseWriter, req *http.Request)

SignWithSecrets swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/signwithsecrets crypto signWithSecretsReq

Generates a signature and related correctness proof for a CL CredDef key using provided values.

Responses:

    200: signWithSecretsResp
default: errorResp

func (*Operation) UnwrapKey

func (o *Operation) UnwrapKey(rw http.ResponseWriter, req *http.Request)

UnwrapKey swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/unwrap crypto unwrapKeyReq

Unwraps a wrapped key.

Responses:

    200: unwrapKeyResp
default: errorResp

func (*Operation) Verify

func (o *Operation) Verify(rw http.ResponseWriter, req *http.Request)

Verify swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/verify crypto verifyReq

Verifies a signature.

Responses:

    200: verifyResp
default: errorResp

func (*Operation) VerifyMAC

func (o *Operation) VerifyMAC(rw http.ResponseWriter, req *http.Request)

VerifyMAC swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/verifymac crypto verifyMACReq

Verifies whether MAC is a correct authentication code for data.

Responses:

    200: verifyMACResp
default: errorResp

func (*Operation) VerifyMulti

func (o *Operation) VerifyMulti(rw http.ResponseWriter, req *http.Request)

VerifyMulti swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/verifymulti crypto verifyMultiReq

Verifies a signature of messages (BBS+).

Responses:

    200: verifyMultiResp
default: errorResp

func (*Operation) VerifyProof

func (o *Operation) VerifyProof(rw http.ResponseWriter, req *http.Request)

VerifyProof swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/verifyproof crypto verifyProofReq

Verifies a BBS+ signature proof for revealed messages.

Responses:

    200: verifyProofResp
default: errorResp

func (*Operation) WrapKey

func (o *Operation) WrapKey(rw http.ResponseWriter, req *http.Request)

WrapKey swagger:route POST /v1/keystores/{key_store_id}/wrap crypto wrapKeyReq

Wraps CEK using ECDH-ES key wrapping (Anoncrypt).

Responses:

    200: wrapKeyResp
default: errorResp

func (*Operation) WrapKeyAE

func (o *Operation) WrapKeyAE(rw http.ResponseWriter, req *http.Request)

WrapKeyAE swagger:route POST /v1/keystores/{key_store_id}/keys/{key_id}/wrap crypto wrapKeyAEReq

Wraps CEK using ECDH-1PU key wrapping (Authcrypt).

Responses:

    200: wrapKeyResp
default: errorResp
