localkm

package
v0.2.2
Warning

This package is not in the latest version of its module.

Published: Jul 10, 2024 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Overview

Package localkm provides a keys.ManagerInterface implementation that persists keys to disk.

Types

type T

type T struct {
	memkm.T
	KeyDir    string
	FileToKvn map[string]string
	// contains filtered or unexported fields
}

T is a local key manager that persists private keys to a given directory in .pem format. Slashes in keyversionnames are disallowed. The file name without .pem is synonymous with the keyversionname.
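
The naming rule above, sketched as an added example (not localkm's own code): a name without slashes maps to exactly one file directly inside KeyDir, and a directory scan recovers the names from the file names. The helpers kvnToPath and scanKeyDir, the reading of FileToKvn as a map from file name to keyversionname, the backslash rejection and the permission check are assumptions of this example.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// kvnToPath (hypothetical helper) maps a key version name to keyDir/<name>.pem.
// Rejecting separators keeps every key file directly inside keyDir.
func kvnToPath(keyDir, kvn string) (string, error) {
	if kvn == "" || strings.ContainsAny(kvn, `/\`) {
		return "", fmt.Errorf("invalid key version name %q", kvn)
	}
	return filepath.Join(keyDir, kvn+".pem"), nil
}

// scanKeyDir (hypothetical helper) builds a file-name -> key-version-name map
// from the .pem files in keyDir and lists key files readable by group or others.
func scanKeyDir(keyDir string) (map[string]string, []string, error) {
	entries, err := os.ReadDir(keyDir)
	if err != nil {
		return nil, nil, err
	}
	fileToKvn := map[string]string{}
	var loose []string
	for _, e := range entries {
		name := e.Name()
		if !e.Type().IsRegular() || !strings.HasSuffix(name, ".pem") {
			continue // skip subdirectories, symlinks and non-key files
		}
		info, err := e.Info()
		if err != nil {
			return nil, nil, err
		}
		if info.Mode().Perm()&0o077 != 0 {
			loose = append(loose, name) // private key not limited to its owner
		}
		fileToKvn[name] = strings.TrimSuffix(name, ".pem")
	}
	return fileToKvn, loose, nil
}

func main() {
	for _, kvn := range []string{"root-1", "../etc/passwd"} { // constructed names
		p, err := kvnToPath("/var/lib/ca/keys", kvn) // constructed directory
		fmt.Println(p, err)
	}
}
```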

func (*T) AddFlags

func (k *T) AddFlags(cmd *cobra.Command)

AddFlags adds any implementation-specific flags for this command component.

func (*T) CreateFirstSigningKey

func (k *T) CreateFirstSigningKey(ctx context.Context) (string, error)

CreateFirstSigningKey is called during CA bootstrapping to create the first signing key that can be used for endorse.

func (*T) CreateNewRootKey

func (k *T) CreateNewRootKey(ctx context.Context) (string, error)

CreateNewRootKey establishes a new key for use as the root CA key.

func (*T) CreateNewSigningKeyVersion

func (k *T) CreateNewSigningKeyVersion(ctx context.Context) (string, error)

CreateNewSigningKeyVersion is callable after CreateNewSigningKey, and is meant for key rotation. The signing key's name ought to be available from the context.

func (*T) DestroyKeyVersion

func (k *T) DestroyKeyVersion(ctx context.Context, keyVersionName string) error

DestroyKeyVersion destroys a single key version.

func (*T) Init

func (k *T) Init(context.Context) error

Init initializes a local key manager given its KeyDir, signature randomness and signer randomness with all the keys in KeyDir.

func (*T) InitContext

func (k *T) InitContext(ctx context.Context) (context.Context, error)

InitContext extends the given context with whatever else the component needs before execution.

func (*T) PersistentPreRunE

func (k *T) PersistentPreRunE(*cobra.Command, []string) error

PersistentPreRunE returns an error if the results of the parsed flags constitute an error.

func (*T) Wipeout

func (k *T) Wipeout(ctx context.Context) error

Wipeout destroys all keys managed by this manager, which is understood as all .pem files in KeyDir.
