Documentation ¶
Overview ¶
Package fake contains utilities to help test KMS providers.
Package fake implements fake signer to be used in tests
Index ¶
- Constants
- type KmsCtxKey
- type SignerVerifier
- func (g *SignerVerifier) CreateKey(_ context.Context, _ string) (crypto.PublicKey, error)
- func (g *SignerVerifier) CryptoSigner(ctx context.Context, errFunc func(error)) (crypto.Signer, crypto.SignerOpts, error)
- func (g *SignerVerifier) DefaultAlgorithm() string
- func (g *SignerVerifier) PublicKey(opts ...signature.PublicKeyOption) (crypto.PublicKey, error)
- func (g *SignerVerifier) SignMessage(message io.Reader, opts ...signature.SignOption) ([]byte, error)
- func (g *SignerVerifier) SupportedAlgorithms() (result []string)
- func (g *SignerVerifier) VerifySignature(signature, message io.Reader, opts ...signature.VerifyOption) error
Constants ¶
const ReferenceScheme = "fakekms://"
ReferenceScheme is a scheme for fake KMS keys. Do not use in production.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type KmsCtxKey ¶
type KmsCtxKey struct{}
KmsCtxKey is used to look up the private key in the struct.
type SignerVerifier ¶
type SignerVerifier struct {
// contains filtered or unexported fields
}
SignerVerifier creates and verifies digital signatures over a message using an in-memory signer
func LoadSignerVerifier ¶
LoadSignerVerifier generates a signer/verifier using the default ECDSA signer or loads a signer from a provided private key and hash. The context should contain a mapping from a string "priv" to a crypto.PrivateKey (RSA, ECDSA, or ED25519).
func (*SignerVerifier) CryptoSigner ¶
func (g *SignerVerifier) CryptoSigner(ctx context.Context, errFunc func(error)) (crypto.Signer, crypto.SignerOpts, error)
CryptoSigner returns a crypto.Signer object that uses the underlying SignerVerifier, along with a crypto.SignerOpts object that allows the KMS to be used in APIs that only accept the standard golang objects
func (*SignerVerifier) DefaultAlgorithm ¶
func (g *SignerVerifier) DefaultAlgorithm() string
DefaultAlgorithm returns the default algorithm for the signer
func (*SignerVerifier) PublicKey ¶
func (g *SignerVerifier) PublicKey(opts ...signature.PublicKeyOption) (crypto.PublicKey, error)
PublicKey returns the public key that can be used to verify signatures created by this signer.
func (*SignerVerifier) SignMessage ¶
func (g *SignerVerifier) SignMessage(message io.Reader, opts ...signature.SignOption) ([]byte, error)
SignMessage signs the provided message using the in-memory signer.
func (*SignerVerifier) SupportedAlgorithms ¶
func (g *SignerVerifier) SupportedAlgorithms() (result []string)
SupportedAlgorithms returns a list with the default algorithm
func (*SignerVerifier) VerifySignature ¶
func (g *SignerVerifier) VerifySignature(signature, message io.Reader, opts ...signature.VerifyOption) error
VerifySignature verifies the signature for the given message. Unless provided in an option, the digest of the message will be computed using the hash function specified when the SignerVerifier was created.
This function returns nil if the verification succeeded, and an error message otherwise.
This function recognizes the following Options listed in order of preference:
- WithDigest()
All other options are ignored if specified.