Documentation ¶
Overview ¶
Package kms contains utilities related to third-party KMS providers.
Package kms implements the interface to access various ksm services
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AddProvider ¶
func AddProvider(keyResourceID string, init ProviderInit)
AddProvider adds the provider implementation into the local cache
func SupportedProviders ¶
func SupportedProviders() []string
SupportedProviders returns list of initialized providers
Types ¶
type ProviderInit ¶
type ProviderInit func(context.Context, string, myhash.Hash, ...signature.RPCOption) (SignerVerifier, error)
ProviderInit is a function that initializes provider-specific SignerVerifier.
It takes a provider-specific resource ID and hash function, and returns a SignerVerifier using that resource, or any error that was encountered.
type ProviderNotFoundError ¶
type ProviderNotFoundError struct {
// contains filtered or unexported fields
}
ProviderNotFoundError indicates that no matching KMS provider was found
func (*ProviderNotFoundError) Error ¶
func (e *ProviderNotFoundError) Error() string
type SignerVerifier ¶
type SignerVerifier interface { signature.SignerVerifier CreateKey(ctx context.Context, algorithm string) (crypto.PublicKey, error) CryptoSigner(ctx context.Context, errFunc func(error)) (myhash.Signer, myhash.SignerOpts, error) SupportedAlgorithms() []string DefaultAlgorithm() string }
SignerVerifier creates and verifies digital signatures over a message using a KMS service
func Get ¶
func Get(ctx context.Context, keyResourceID string, hashFunc myhash.Hash, opts ...signature.RPCOption) (SignerVerifier, error)
Get returns a KMS SignerVerifier for the given resource string and hash function. If no matching provider is found, Get returns a ProviderNotFoundError. It also returns an error if initializing the SignerVerifier fails.