credentials

package
v0.0.3-beta
Warning

This package is not in the latest version of its module.

Published: Feb 24, 2025 License: MIT Imports: 17 Imported by: 1

README

credentials

import "github.com/dfns/dfns-sdk-go/credentials"

Index

func WithAWSKMSClient

func WithAWSKMSClient(client AWSKMSClient) func(*AWSKMSSigner)

type AWSKMSClient

AWSKMSClient defines the subset of the AWS KMS client's functionality used here.

type AWSKMSClient interface {
    Sign(ctx context.Context, params *kms.SignInput, optFns ...func(*kms.Options)) (*kms.SignOutput, error)
}

type AWSKMSSigner

AWSKMSSigner implements credentials.ICredentialSigner using AWS KMS.

type AWSKMSSigner struct {
    // contains filtered or unexported fields
}

func NewAWSKMSSigner

func NewAWSKMSSigner(ctx context.Context, cfgSigner *AWSKMSSignerConfig, options ...func(*AWSKMSSigner)) (*AWSKMSSigner, error)

NewAWSKMSSigner creates a new Signer instance using a real KMS client.

func (*AWSKMSSigner) Sign

func (akss *AWSKMSSigner) Sign(userActionChallenge *credentials.UserActionChallenge) (*credentials.KeyAssertion, error)

Sign implements the credentials.ICredentialSigner interface.

type AWSKMSSignerConfig

AWSKMSSignerConfig holds the configuration for the AWS KMS signer.

type AWSKMSSignerConfig struct {
    KeyID  string // The AWS KMS key identifier
    Region string // The AWS region
}

type AsymmetricKeySigner

type AsymmetricKeySigner struct {
    *AsymmetricKeySignerConfig
}

func NewAsymmetricKeySigner

func NewAsymmetricKeySigner(config *AsymmetricKeySignerConfig) *AsymmetricKeySigner

NewAsymmetricKeySigner creates a new instance of AsymmetricKeySigner with the provided configuration.

func (*AsymmetricKeySigner) Sign

func (signer *AsymmetricKeySigner) Sign(userActionChallenge *credentials.UserActionChallenge) (*credentials.KeyAssertion, error)

Sign signs the given challenge using the private key and the hashing algorithm specified in the Algorithm field. If the Algorithm field is not set or invalid, it defaults to SHA256.

type AsymmetricKeySignerConfig

type AsymmetricKeySignerConfig struct {
    // PrivateKey holds the PEM-encoded private key used for signing.
    PrivateKey string
    // CredID is the identifier of the credential associated with the private key.
    CredID string
    // Algorithm specifies the hashing algorithm to use for signing. Defaults to SHA256 if not set.
    Algorithm *crypto.Hash
}

Generated by gomarkdoc

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func WithAWSKMSClient

func WithAWSKMSClient(client AWSKMSClient) func(*AWSKMSSigner)

Types

type AWSKMSClient

type AWSKMSClient interface {
	Sign(ctx context.Context, params *kms.SignInput, optFns ...func(*kms.Options)) (*kms.SignOutput, error)
}

AWSKMSClient defines the subset of the AWS KMS client's functionality used here.

type AWSKMSSigner

type AWSKMSSigner struct {
	// contains filtered or unexported fields
}

AWSKMSSigner implements credentials.ICredentialSigner using AWS KMS.

func NewAWSKMSSigner

func NewAWSKMSSigner(
	ctx context.Context,
	cfgSigner *AWSKMSSignerConfig,
	options ...func(*AWSKMSSigner),
) (*AWSKMSSigner, error)

NewAWSKMSSigner creates a new Signer instance using a real KMS client.

func (*AWSKMSSigner) Sign

func (akss *AWSKMSSigner) Sign(
	ctx context.Context,
	userActionChallenge *credentials.UserActionChallenge,
) (*credentials.KeyAssertion, error)

Sign implements the credentials.ICredentialSigner interface.

type AWSKMSSignerConfig

type AWSKMSSignerConfig struct {
	KeyID            string // The AWS KMS key identifier
	Region           string // The AWS region
	SigningAlgorithm types.SigningAlgorithmSpec
}

AWSKMSSignerConfig holds the configuration for the AWS KMS signer.

type AsymmetricKeySigner

type AsymmetricKeySigner struct {
	*AsymmetricKeySignerConfig
}

func NewAsymmetricKeySigner

func NewAsymmetricKeySigner(config *AsymmetricKeySignerConfig) *AsymmetricKeySigner

NewAsymmetricKeySigner creates a new instance of AsymmetricKeySigner with the provided configuration.

func (*AsymmetricKeySigner) Sign

func (signer *AsymmetricKeySigner) Sign(
	_ context.Context,
	userActionChallenge *credentials.UserActionChallenge,
) (*credentials.KeyAssertion, error)

Sign signs the given challenge using the private key and the hashing algorithm specified in the Algorithm field. If the Algorithm field is not set or invalid, it defaults to SHA256.

type AsymmetricKeySignerConfig

type AsymmetricKeySignerConfig struct {
	// PrivateKey holds the PEM-encoded private key used for signing.
	PrivateKey string
	// CredID is the identifier of the credential associated with the private key.
	CredID string
	// Algorithm specifies the hashing algorithm to use for signing. Defaults to SHA256 if not set.
	Algorithm *crypto.Hash
}
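
The hash fallback that the AsymmetricKeySigner.Sign documentation describes, sketched with the standard library only. This is an added example, not the SDK's code: resolveHash, signChallenge and newSampleKey are hypothetical names, treating "invalid" as crypto.Hash.Available() returning false is an assumption, and the key is a throwaway P-256 key in SEC1 "EC PRIVATE KEY" PEM.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	_ "crypto/sha256" // registers crypto.SHA256 so the fallback is always available
	"crypto/x509"
	"encoding/pem"
	"fmt"
)

// resolveHash (hypothetical): a nil or unusable Algorithm falls back to SHA256 (assumed check).
func resolveHash(alg *crypto.Hash) crypto.Hash {
	if alg == nil || !alg.Available() {
		return crypto.SHA256
	}
	return *alg
}

// signChallenge (hypothetical) signs the digest of challenge and reports the hash actually used.
func signChallenge(pemKey string, alg *crypto.Hash, challenge []byte) ([]byte, crypto.Hash, error) {
	block, _ := pem.Decode([]byte(pemKey))
	if block == nil {
		return nil, 0, fmt.Errorf("no PEM block in private key")
	}
	key, err := x509.ParseECPrivateKey(block.Bytes)
	if err != nil {
		return nil, 0, err
	}
	h := resolveHash(alg)
	hasher := h.New()
	hasher.Write(challenge)
	sig, err := ecdsa.SignASN1(rand.Reader, key, hasher.Sum(nil))
	return sig, h, err
}

// newSampleKey builds a throwaway P-256 key as constructed sample input.
func newSampleKey() (string, *ecdsa.PublicKey) {
	k, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	der, _ := x509.MarshalECPrivateKey(k)
	return string(pem.EncodeToMemory(&pem.Block{Type: "EC PRIVATE KEY", Bytes: der})), &k.PublicKey
}

func main() {
	pemKey, _ := newSampleKey()
	_, used, err := signChallenge(pemKey, new(crypto.Hash), []byte("constructed-challenge")) // Hash(0) is invalid
	fmt.Println(used, err)
}
```

Returning the hash that was actually used lets a caller notice that a misconfigured Algorithm fell back to SHA256 instead of failing.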
