Documentation ¶
Index ¶
- Constants
- Variables
- type GormPrivateKey
- type KeyDBStore
- func (s *KeyDBStore) AddKey(keyInfo trustmanager.KeyInfo, privKey data.PrivateKey) error
- func (s *KeyDBStore) ExportKey(keyID string) ([]byte, error)
- func (s *KeyDBStore) GetKey(keyID string) (data.PrivateKey, string, error)
- func (s *KeyDBStore) GetKeyInfo(keyID string) (trustmanager.KeyInfo, error)
- func (s *KeyDBStore) HealthCheck() error
- func (s *KeyDBStore) ListKeys() map[string]trustmanager.KeyInfo
- func (s *KeyDBStore) Name() string
- func (s *KeyDBStore) RemoveKey(keyID string) error
- func (s *KeyDBStore) RotateKeyPassphrase(keyID, newPassphraseAlias string) error
- type RDBPrivateKey
- type RethinkDBKeyStore
- func (rdb *RethinkDBKeyStore) AddKey(keyInfo trustmanager.KeyInfo, privKey data.PrivateKey) error
- func (rdb RethinkDBKeyStore) Bootstrap() error
- func (rdb RethinkDBKeyStore) CheckHealth() error
- func (rdb RethinkDBKeyStore) ExportKey(keyID string) ([]byte, error)
- func (rdb *RethinkDBKeyStore) GetKey(name string) (data.PrivateKey, string, error)
- func (rdb RethinkDBKeyStore) GetKeyInfo(name string) (trustmanager.KeyInfo, error)
- func (rdb RethinkDBKeyStore) ListKeys() map[string]trustmanager.KeyInfo
- func (rdb *RethinkDBKeyStore) Name() string
- func (rdb RethinkDBKeyStore) RemoveKey(keyID string) error
- func (rdb RethinkDBKeyStore) RotateKeyPassphrase(name, newPassphraseAlias string) error
Constants ¶
// EncryptionAlg is the JOSE content-encryption algorithm identifier
// (A256GCM: AES-256 in GCM mode).
const EncryptionAlg = jose.A256GCM

// KeywrapAlg is the JOSE key-management algorithm identifier
// (PBES2_HS256_A128KW: password-based PBES2 with HMAC-SHA-256 and AES-128
// key wrap).
const KeywrapAlg = jose.PBES2_HS256_A128KW
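Constants naming the JOSE algorithms: EncryptionAlg (A256GCM) is AES-256 in GCM mode for content encryption, and KeywrapAlg (PBES2_HS256_A128KW) is password-based key wrapping (PBES2 with HMAC-SHA-256 and AES-128 key wrap). Because the key wrap is password-based, the protection of a wrapped key depends on the strength of the passphrase.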
Variables ¶
// PrivateKeysRethinkTable is the RethinkDB table definition for RDBPrivateKey
// records. The table name comes from RDBPrivateKey.TableName and rows are
// decoded with rdbPrivateKeyFromJSON.
var PrivateKeysRethinkTable = rethinkdb.Table{
	Name: RDBPrivateKey{}.TableName(),
	// NOTE(review): RDBPrivateKey{}.KeyID reads the KeyID field of a zero-value
	// struct, which is the empty string, not the "key_id" column name from the
	// gorethink tag. Confirm how rethinkdb.Table treats an empty PrimaryKey; if
	// the table is meant to be keyed on key_id, the column should be named
	// explicitly so key-ID uniqueness is enforced by the primary key.
	PrimaryKey:       RDBPrivateKey{}.KeyID,
	JSONUnmarshaller: rdbPrivateKeyFromJSON,
}
PrivateKeysRethinkTable is the table definition for notary signer's key information
Functions ¶
This section is empty.
Types ¶
type GormPrivateKey ¶
// GormPrivateKey is the row type for a private key in the SQL database.
// Every column declared here is NOT NULL.
type GormPrivateKey struct {
	gorm.Model
	// KeyID is the lookup key for a row: unique and indexed as key_id_idx.
	KeyID string `sql:"not null;unique;index:key_id_idx"`
	// EncryptionAlg and KeywrapAlg are stored per row as strings.
	// NOTE(review): presumably they record the algorithms used to protect
	// Private, so older rows stay readable if the defaults change; confirm
	// against AddKey/GetKey.
	EncryptionAlg string `sql:"not null"`
	KeywrapAlg    string `sql:"not null"`
	// Algorithm is presumably the key's own signature algorithm; confirm.
	Algorithm string `sql:"not null"`
	// PassphraseAlias names a passphrase rather than holding one.
	// NOTE(review): presumably resolved through the PassRetriever given to
	// NewKeyDBStore; confirm that no passphrase value is ever written here.
	PassphraseAlias string `sql:"not null"`
	Public          string `sql:"not null"`
	// NOTE(review): presumably the encrypted (wrapped) private key rather than
	// plaintext; confirm in AddKey. Access to this table should be restricted
	// either way.
	Private string `sql:"not null"`
}
GormPrivateKey represents a PrivateKey in the database
func (GormPrivateKey) TableName ¶
func (g GormPrivateKey) TableName() string
TableName sets a specific table name for our GormPrivateKey
type KeyDBStore ¶
KeyDBStore persists and manages private keys on a SQL database
func NewKeyDBStore ¶
func NewKeyDBStore(passphraseRetriever notary.PassRetriever, defaultPassAlias string, dbDialect string, dbArgs ...interface{}) (*KeyDBStore, error)
NewKeyDBStore returns a new KeyDBStore backed by a SQL database
func (*KeyDBStore) AddKey ¶
func (s *KeyDBStore) AddKey(keyInfo trustmanager.KeyInfo, privKey data.PrivateKey) error
AddKey stores the contents of a private key. Both role and gun are ignored: keys are always stored under their key ID, and aliases are not supported.
func (*KeyDBStore) ExportKey ¶
func (s *KeyDBStore) ExportKey(keyID string) ([]byte, error)
ExportKey is currently unimplemented and will always return an error
func (*KeyDBStore) GetKey ¶
func (s *KeyDBStore) GetKey(keyID string) (data.PrivateKey, string, error)
GetKey returns the PrivateKey given a KeyID
func (*KeyDBStore) GetKeyInfo ¶
func (s *KeyDBStore) GetKeyInfo(keyID string) (trustmanager.KeyInfo, error)
GetKeyInfo returns the PrivateKey's role and gun in a KeyInfo given a KeyID
func (*KeyDBStore) HealthCheck ¶
func (s *KeyDBStore) HealthCheck() error
HealthCheck verifies that the database exists and can be queried
func (*KeyDBStore) ListKeys ¶
func (s *KeyDBStore) ListKeys() map[string]trustmanager.KeyInfo
ListKeys always returns nil. This method is here to satisfy the KeyStore interface
func (*KeyDBStore) Name ¶
func (s *KeyDBStore) Name() string
Name returns a user friendly name for the storage location
func (*KeyDBStore) RemoveKey ¶
func (s *KeyDBStore) RemoveKey(keyID string) error
RemoveKey removes the key from the key store (for KeyDBStore, the backing SQL database)
func (*KeyDBStore) RotateKeyPassphrase ¶
func (s *KeyDBStore) RotateKeyPassphrase(keyID, newPassphraseAlias string) error
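RotateKeyPassphrase rotates the key-encryption key for keyID, switching it to the passphrase identified by newPassphraseAlias. The stored signing key itself is presumably unchanged, so this does not replace a key whose private material has already been exposed.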
type RDBPrivateKey ¶
// RDBPrivateKey is the document type for a private key in RethinkDB. The
// gorethink tags give the field names used in the stored document.
type RDBPrivateKey struct {
	rethinkdb.Timing
	// KeyID is stored as "key_id".
	KeyID string `gorethink:"key_id"`
	// EncryptionAlg and KeywrapAlg are stored per document as strings.
	// NOTE(review): presumably they record the algorithms used to protect
	// Private; confirm against AddKey/GetKey.
	EncryptionAlg string `gorethink:"encryption_alg"`
	KeywrapAlg    string `gorethink:"keywrap_alg"`
	// Algorithm is presumably the key's own signature algorithm; confirm.
	Algorithm string `gorethink:"algorithm"`
	// PassphraseAlias names a passphrase rather than holding one.
	// NOTE(review): presumably resolved through the PassRetriever given to
	// NewRethinkDBKeyStore; confirm that no passphrase value is stored here.
	PassphraseAlias string `gorethink:"passphrase_alias"`
	Public          string `gorethink:"public"`
	// NOTE(review): presumably the encrypted (wrapped) private key rather than
	// plaintext; confirm in AddKey. Access to this table should be restricted
	// either way.
	Private string `gorethink:"private"`
}
RDBPrivateKey represents a PrivateKey in the rethink database
func (RDBPrivateKey) TableName ¶
func (g RDBPrivateKey) TableName() string
TableName sets a specific table name for our RDBPrivateKey
type RethinkDBKeyStore ¶
type RethinkDBKeyStore struct {
// contains filtered or unexported fields
}
RethinkDBKeyStore persists and manages private keys on a RethinkDB database
func NewRethinkDBKeyStore ¶
func NewRethinkDBKeyStore(dbName, username, password string, passphraseRetriever notary.PassRetriever, defaultPassAlias string, rethinkSession *gorethink.Session) *RethinkDBKeyStore
NewRethinkDBKeyStore returns a new RethinkDBKeyStore backed by a RethinkDB database
func (*RethinkDBKeyStore) AddKey ¶
func (rdb *RethinkDBKeyStore) AddKey(keyInfo trustmanager.KeyInfo, privKey data.PrivateKey) error
AddKey stores the contents of a private key. Both role and gun are ignored: keys are always stored under their key ID, and aliases are not supported.
func (RethinkDBKeyStore) Bootstrap ¶
func (rdb RethinkDBKeyStore) Bootstrap() error
Bootstrap sets up the database and tables, and creates the notary signer user with the appropriate database permissions
func (RethinkDBKeyStore) CheckHealth ¶
func (rdb RethinkDBKeyStore) CheckHealth() error
CheckHealth verifies that DB exists and is query-able
func (RethinkDBKeyStore) ExportKey ¶
func (rdb RethinkDBKeyStore) ExportKey(keyID string) ([]byte, error)
ExportKey is currently unimplemented and will always return an error
func (*RethinkDBKeyStore) GetKey ¶
func (rdb *RethinkDBKeyStore) GetKey(name string) (data.PrivateKey, string, error)
GetKey returns the PrivateKey given a KeyID
func (RethinkDBKeyStore) GetKeyInfo ¶
func (rdb RethinkDBKeyStore) GetKeyInfo(name string) (trustmanager.KeyInfo, error)
GetKeyInfo always returns empty and an error. This method is here to satisfy the KeyStore interface
func (RethinkDBKeyStore) ListKeys ¶
func (rdb RethinkDBKeyStore) ListKeys() map[string]trustmanager.KeyInfo
ListKeys always returns nil. This method is here to satisfy the KeyStore interface
func (*RethinkDBKeyStore) Name ¶
func (rdb *RethinkDBKeyStore) Name() string
Name returns a user friendly name for the storage location
func (RethinkDBKeyStore) RemoveKey ¶
func (rdb RethinkDBKeyStore) RemoveKey(keyID string) error
RemoveKey removes the key from the table
func (RethinkDBKeyStore) RotateKeyPassphrase ¶
func (rdb RethinkDBKeyStore) RotateKeyPassphrase(name, newPassphraseAlias string) error
RotateKeyPassphrase rotates the key-encryption key for the named key, switching it to the passphrase identified by newPassphraseAlias