gcp

package
v0.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 13, 2024 License: Apache-2.0 Imports: 23 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	AlgorithmECDSAP256SHA256       = "ecdsa-p256-sha256"
	AlgorithmECDSAP384SHA384       = "ecdsa-p384-sha384"
	AlgorithmRSAPKCS1v152048SHA256 = "rsa-pkcs1v15-2048-sha256"
	AlgorithmRSAPKCS1v153072SHA256 = "rsa-pkcs1v15-3072-sha256"
	AlgorithmRSAPKCS1v154096SHA256 = "rsa-pkcs1v15-4096-sha256"
	AlgorithmRSAPKCS1v154096SHA512 = "rsa-pkcs1v15-4096-sha512"
	AlgorithmRSAPSS2048SHA256      = "rsa-pss-2048-sha256"
	AlgorithmRSAPSS3072SHA256      = "rsa-pss-3072-sha256"
	AlgorithmRSAPSS4096SHA256      = "rsa-pss-4096-sha256"
	AlgorithmRSAPSS4096SHA512      = "rsa-pss-4096-sha512"
)
View Source 
const ReferenceScheme = "gcpkms://"

ReferenceScheme schemes for various KMS services are copied from https://github.com/google/go-cloud/tree/master/secrets

Variables

This section is empty.

Functions

func ValidReference 

func ValidReference(ref string) error

ValidReference returns a non-nil error if the reference string is invalid

Types

type Option 

type Option func(*gcpClientOptions)

func WithCredentialsFile 

func WithCredentialsFile(cred string) Option

type SignerVerifier 

type SignerVerifier struct {
	// contains filtered or unexported fields
}

SignerVerifier is a cryptoutil.SignerVerifier that uses the AWS Key Management Service

func LoadSignerVerifier 

func LoadSignerVerifier(ctx context.Context, ksp *kms.KMSSignerProvider) (*SignerVerifier, error)

LoadSignerVerifier generates signatures using the specified key object in AWS KMS and hash algorithm.

func (*SignerVerifier) Bytes 

func (g *SignerVerifier) Bytes() ([]byte, error)

Bytes returns the bytes of the public key that can be used to verify signatures created by the signer.

func (*SignerVerifier) DefaultAlgorithm 

func (g *SignerVerifier) DefaultAlgorithm() string

DefaultAlgorithm returns the default algorithm for the GCP KMS service

func (*SignerVerifier) KeyID 

func (g *SignerVerifier) KeyID() (string, error)

NOTE: This might be all wrong but setting it like so for now

KeyID returns the key identifier for the key used by this signer.

func (*SignerVerifier) PublicKey 

func (g *SignerVerifier) PublicKey(ctx context.Context) (crypto.PublicKey, error)

PublicKey returns the public key that can be used to verify signatures created by this signer.

func (*SignerVerifier) Sign 

func (g *SignerVerifier) Sign(message io.Reader) ([]byte, error)

Sign signs the provided message using GCP KMS. If the message is provided, this method will compute the digest according to the hash function specified when the Signer was created.

func (*SignerVerifier) SupportedAlgorithms 

func (*SignerVerifier) SupportedAlgorithms() (result []string)

SupportedAlgorithms returns the list of algorithms supported by the AWS KMS service

func (*SignerVerifier) Verifier 

func (g *SignerVerifier) Verifier() (cryptoutil.Verifier, error)

Verifier returns a cryptoutil.Verifier that can be used to verify signatures created by this signer.

func (*SignerVerifier) Verify 

func (g *SignerVerifier) Verify(message io.Reader, sig []byte) (err error)

VerifySignature verifies the signature for the given message, returning nil if the verification succeeded, and an error message otherwise.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.