keyvault

package
v0.14.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 5, 2024 License: Apache-2.0 Imports: 12 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetKeyImportExportJsonValue added in v0.10.21

func GetKeyImportExportJsonValue(publicKey, privateKey, wrappingKeyName, wrappingPubKey *string, keyWrappingAlgo *KeyWrappingAlgorithm) (string, error)

Types

type DeletionRecoveryLevel

type DeletionRecoveryLevel string

DeletionRecoveryLevel enumerates the values for deletion recovery level.

// Values of DeletionRecoveryLevel, reported through KeyAttributes.RecoveryLevel.
// Per that field's documentation, a level containing 'Purgeable' lets a
// privileged user permanently delete the key; otherwise only the system can
// purge the key, at the end of the retention interval.
const (
	// Purgeable contains 'Purgeable': a privileged user can permanently delete the key.
	// NOTE(review): the name matches the Azure Key Vault level in which deletion is
	// irreversible — confirm this service applies the same semantics.
	Purgeable DeletionRecoveryLevel = "Purgeable"
	// Recoverable does not contain 'Purgeable': only the system can purge the key,
	// at the end of the retention interval.
	Recoverable DeletionRecoveryLevel = "Recoverable"
	// RecoverableProtectedSubscription does not contain 'Purgeable': only the system
	// can purge the key, at the end of the retention interval.
	// NOTE(review): what "ProtectedSubscription" adds is not described here — confirm.
	RecoverableProtectedSubscription DeletionRecoveryLevel = "Recoverable+ProtectedSubscription"
	// RecoverablePurgeable contains 'Purgeable': a privileged user can permanently
	// delete the key. Presumably deletion stays recoverable until purged — confirm.
	RecoverablePurgeable DeletionRecoveryLevel = "Recoverable+Purgeable"
)

type JSONWebKeyCurveName

type JSONWebKeyCurveName string

JSONWebKeyCurveName enumerates the values for json web key curve name.

// Values of JSONWebKeyCurveName, carried in KeyProperties.Curve (JSON "crv").
const (
	// P256 The NIST P-256 elliptic curve, AKA SECG curve SECP256R1.
	P256 JSONWebKeyCurveName = "P-256"
	// P256K The SECG SECP256K1 elliptic curve.
	// Unlike the other three values this is a Koblitz curve, not a NIST P-curve,
	// despite the similar identifier.
	P256K JSONWebKeyCurveName = "P-256K"
	// P384 The NIST P-384 elliptic curve, AKA SECG curve SECP384R1.
	P384 JSONWebKeyCurveName = "P-384"
	// P521 The NIST P-521 elliptic curve, AKA SECG curve SECP521R1.
	P521 JSONWebKeyCurveName = "P-521"
)

type JSONWebKeyEncryptionAlgorithm

type JSONWebKeyEncryptionAlgorithm string

JSONWebKeyEncryptionAlgorithm enumerates the values for json web key encryption algorithm.

// Values of JSONWebKeyEncryptionAlgorithm, carried in KeyOperationsParameters.Algorithm
// (JSON "alg").
// NOTE(review): the descriptions below follow the JWA (RFC 7518) meaning of each
// identifier; that the service implements them exactly so is not shown here — confirm.
const (
	// RSA15 is the identifier "RSA1_5", the JWA name for RSAES-PKCS1-v1_5.
	// PKCS#1 v1.5 encryption padding is exposed to padding-oracle attacks when
	// decryption failures are observable; prefer an OAEP variant for new keys.
	RSA15 JSONWebKeyEncryptionAlgorithm = "RSA1_5"
	// RSAOAEP is the identifier "RSA-OAEP", the JWA name for RSAES-OAEP with the
	// default parameters (SHA-1 and MGF1 with SHA-1).
	RSAOAEP JSONWebKeyEncryptionAlgorithm = "RSA-OAEP"
	// RSAOAEP256 is the identifier "RSA-OAEP-256", the JWA name for RSAES-OAEP with
	// SHA-256 and MGF1 with SHA-256.
	RSAOAEP256 JSONWebKeyEncryptionAlgorithm = "RSA-OAEP-256"
	// A256KW AES Key Wrap with 256 bit key-encryption key
	A256KW JSONWebKeyEncryptionAlgorithm = "A256KW"
	// A256CBC AES-CBC with 256 bit encryption key.
	// CBC on its own provides confidentiality only: the ciphertext is not
	// authenticated, so integrity has to come from a separate mechanism.
	// How the IV is supplied is not shown in this listing.
	A256CBC JSONWebKeyEncryptionAlgorithm = "A256CBC"
)

type JSONWebKeyOperation

type JSONWebKeyOperation string

JSONWebKeyOperation enumerates the values for json web key operation.

// Values of JSONWebKeyOperation, listed in KeyProperties.KeyOps (JSON "key_ops").
// The strings match the "key_ops" values registered in RFC 7517, which advises
// against specifying multiple unrelated operations for one key; give a key only
// the operations it actually needs.
const (
	// Decrypt is the "decrypt" operation (RFC 7517: decrypt content).
	Decrypt JSONWebKeyOperation = "decrypt"
	// Encrypt is the "encrypt" operation (RFC 7517: encrypt content).
	Encrypt JSONWebKeyOperation = "encrypt"
	// Sign is the "sign" operation (RFC 7517: compute a digital signature or MAC).
	Sign JSONWebKeyOperation = "sign"
	// UnwrapKey is the "unwrapKey" operation (RFC 7517: decrypt a key).
	UnwrapKey JSONWebKeyOperation = "unwrapKey"
	// Verify is the "verify" operation (RFC 7517: verify a digital signature or MAC).
	Verify JSONWebKeyOperation = "verify"
	// WrapKey is the "wrapKey" operation (RFC 7517: encrypt a key).
	WrapKey JSONWebKeyOperation = "wrapKey"
)

type JSONWebKeySignatureAlgorithm added in v0.10.24

// JSONWebKeySignatureAlgorithm is the string identifier of a signature algorithm,
// used by KeySignParameters.Algorithm and KeyVerifyParameters.Algorithm. The field
// comments on those structs give 'PS256' and 'RS384' as example values.
// NOTE(review): the accepted set is not enumerated alongside this type — validate
// a value against the service before relying on it.
type JSONWebKeySignatureAlgorithm string

JSONWebKeySignatureAlgorithm enumerates the values for json web key signature algorithm. https://docs.microsoft.com/en-us/dotnet/api/microsoft.azure.keyvault.models.keysignparameters?view=azure-dotnet-legacy&viewFallbackFrom=azure-dotnet

type JSONWebKeyType

type JSONWebKeyType string

JSONWebKeyType enumerates the values for json web key type.

// Values of JSONWebKeyType, carried in KeyProperties.KeyType (JSON "kty").
const (
	// EC Elliptic Curve.
	EC JSONWebKeyType = "EC"
	// ECHSM Elliptic Curve with a private key which is not exportable from the HSM.
	ECHSM JSONWebKeyType = "EC-HSM"
	// Oct Octet sequence (used to represent symmetric keys)
	Oct JSONWebKeyType = "oct"
	// RSA RSA (https://tools.ietf.org/html/rfc3447)
	RSA JSONWebKeyType = "RSA"
	// RSAHSM RSA with a private key which is not exportable from the HSM.
	RSAHSM JSONWebKeyType = "RSA-HSM"
	// AES Advanced Encryption Standard.
	// NOTE(review): "AES" is not a key type registered by RFC 7518, which represents
	// symmetric keys as "oct" — presumably service-specific; confirm how it differs from Oct.
	AES JSONWebKeyType = "AES"
)

type Key

// Key is the request/response shape for a key resource: identification fields,
// a Value payload, and the embedded KeyProperties serialized under "properties".
// NOTE(review): several field comments below speak of "the key vault"; that wording
// looks inherited from the vault resource — confirm what each field identifies for a key.
type Key struct {
	// Response is the embedded autorest response; the "-" tag excludes it from JSON.
	autorest.Response `json:"-"`
	// ID - READ-ONLY; The Azure Resource Manager resource ID for the key vault.
	ID *string `json:"id,omitempty"`
	// Name - READ-ONLY; The name of the key vault.
	Name *string `json:"name,omitempty"`
	// Type - READ-ONLY; The resource type of the key vault.
	Type *string `json:"type,omitempty"`
	// Version
	Version *string `json:"version,omitempty"`
	// Location - The supported Azure location where the key vault should be created.
	Location *string `json:"location,omitempty"`
	// Tags - The tags that will be assigned to the key vault.
	// No omitempty: a nil map is serialized as null.
	Tags map[string]*string `json:"tags"`
	// Value - For key import/export operations this holds the JSON string form of
	// KeyImportExportValue, which has a PrivateKey field. Treat it as sensitive:
	// the tag has no omitempty, so it is always present in the marshalled struct —
	// keep marshalled Key values out of logs and error messages.
	Value *string `json:"value"`
	// Properties - Properties of the vault
	*KeyProperties `json:"properties,omitempty"`
}

Key defines the structure of a key

type KeyAttributes

// KeyAttributes holds the lifecycle attributes of a key: recovery level, enabled
// flag, validity window (nbf/exp) and creation/update timestamps.
// NOTE(review): whether the service refuses operations on a disabled key or outside
// the nbf/exp window is not shown here — confirm before relying on these as controls.
type KeyAttributes struct {
	// RecoveryLevel - READ-ONLY; Reflects the deletion recovery level currently in effect for keys in the current vault. If it contains 'Purgeable' the key can be permanently deleted by a privileged user; otherwise, only the system can purge the key, at the end of the retention interval. Possible values include: 'Purgeable', 'RecoverablePurgeable', 'Recoverable', 'RecoverableProtectedSubscription'
	RecoveryLevel DeletionRecoveryLevel `json:"recoveryLevel,omitempty"`
	// Enabled - Determines whether the object is enabled.
	// Pointer with omitempty: nil means the field is absent, which is distinct from false.
	Enabled *bool `json:"enabled,omitempty"`
	// NotBefore - Not before date in UTC.
	NotBefore *date.UnixTime `json:"nbf,omitempty"`
	// Expires - Expiry date in UTC.
	Expires *date.UnixTime `json:"exp,omitempty"`
	// Created - READ-ONLY; Creation time in UTC.
	Created *date.UnixTime `json:"created,omitempty"`
	// Updated - READ-ONLY; Last updated time in UTC.
	Updated *date.UnixTime `json:"updated,omitempty"`
}

KeyAttributes the attributes of a key managed by the key vault service.

type KeyImportExportValue added in v0.10.21

// KeyImportExportValue is the payload of key import/export operations; its JSON
// string form is what those operations expect in Key.Value.
// It carries private key material, so handle instances and their JSON form as secrets.
type KeyImportExportValue struct {
	// Version - READ-ONLY; Version of the KeyImportExportValue JSON.
	Version string `json:"version,omitempty"`
	// PublicKey - public key of the key being imported or exported.
	// NOTE(review): the encoding is not shown here — confirm.
	PublicKey *string `json:"public-key,omitempty"`
	// PrivateKey - private key of the key being imported or exported.
	// Presumably wrapped as described by PrivateKeyWrappingInfo; with the
	// NO_KEY_WRAP algorithm it would be carried unwrapped — confirm against the service.
	PrivateKey *string `json:"private-key,omitempty"`
	// PrivateKeyWrappingInfo - wrapping key name, wrapping public key and wrapping
	// algorithm that apply to PrivateKey.
	PrivateKeyWrappingInfo *PrivateKeyWrappingInfo `json:"private-key-wrapping-info,omitempty"`
}

Defines the parameters for key import/export operations. Key import/export operations expect the JSON string equivalent of this struct in the Key.Value field.

type KeyOperationResult

// KeyOperationResult is the response of a key operation: the key identifier and
// the operation output.
type KeyOperationResult struct {
	// Response is the embedded autorest response; the "-" tag excludes it from JSON.
	autorest.Response `json:"-"`
	// Kid - READ-ONLY; Key identifier
	Kid *string `json:"kid,omitempty"`
	// Result - READ-ONLY; a URL-encoded base64 string.
	// Serialized under the JSON name "value", not "result".
	Result *string `json:"value,omitempty"`
}

KeyOperationResult the key operation result.

type KeyOperationsParameters

// KeyOperationsParameters is the request body of a key operation: the algorithm
// to use and the input value.
type KeyOperationsParameters struct {
	// Algorithm - algorithm identifier. Possible values include: 'RSAOAEP', 'RSAOAEP256', 'RSA15', 'A256KW', 'A256CBC'
	// Of these, RSA15 selects PKCS#1 v1.5 padding and A256CBC selects unauthenticated
	// CBC; prefer the OAEP variants or A256KW where the caller has a choice.
	Algorithm JSONWebKeyEncryptionAlgorithm `json:"alg,omitempty"`
	// Value - a URL-encoded base64 string
	Value *string `json:"value,omitempty"`
}

KeyOperationsParameters the key operations parameters.

type KeyProperties

// KeyProperties describes a key: type, size or curve, permitted operations,
// exportability and rotation frequency. It is embedded in Key under "properties".
type KeyProperties struct {
	// Exportable - Indicates if the private key can be exported.
	// Security-relevant: an exportable private key can leave the service.
	// NOTE(review): the default applied when this is nil is not shown here — confirm.
	Exportable *bool `json:"exportable,omitempty"`
	// KeyType - The type of key pair to be used for the certificate. Possible values include: 'EC', 'ECHSM', 'RSA', 'RSAHSM', 'Oct', 'AES'
	KeyType JSONWebKeyType         `json:"kty,omitempty"`
	// KeyOps - list of JSONWebKeyOperation values (JSON "key_ops"); presumably the
	// operations the key may be used for — confirm that the service enforces the list.
	KeyOps  *[]JSONWebKeyOperation `json:"key_ops,omitempty"`
	// KeySize - The key size in bits. For example: 2048, 3072, or 4096 for RSA.
	KeySize *int32 `json:"key_size,omitempty"`
	// ReuseKey - Indicates if the same key pair will be used on certificate renewal.
	ReuseKey *bool `json:"reuse_key,omitempty"`
	// Curve - Elliptic curve name. For valid values, see JsonWebKeyCurveName. Possible values include: 'P256', 'P384', 'P521', 'P256K'
	Curve JSONWebKeyCurveName `json:"crv,omitempty"`
	// Statuses - State (the original comment names this field "State").
	// No omitempty: a nil map is serialized as null.
	Statuses map[string]*string `json:"statuses"`
	// KeyRotationFrequencyInSeconds - Configures key rotation frequency.
	// NOTE(review): behaviour when nil or zero is not shown here — confirm.
	KeyRotationFrequencyInSeconds *int64 `json:"keyRotationFrequencyInSeconds,omitempty"`
}

KeyProperties properties of the key pair backing a certificate.

type KeyRestoreParameters

// KeyRestoreParameters is the request body for restoring a key from a backup blob.
type KeyRestoreParameters struct {
	// KeyBundleBackup - The backup blob associated with a key bundle. (a URL-encoded base64 string)
	// Serialized under the JSON name "value". NOTE(review): how the blob is protected
	// is not shown here — handle it as sensitive until confirmed.
	KeyBundleBackup *string `json:"value,omitempty"`
}

KeyRestoreParameters the key restore parameters.

type KeySignParameters added in v0.10.24

// KeySignParameters is the request body of a sign operation: the signature
// algorithm and the value to sign.
type KeySignParameters struct {
	// Algorithm - Signing algorithm identifier. Possible values include: 'PS256', 'RS384', etc (see JSONWebKeySignatureAlgorithm)
	Algorithm JSONWebKeySignatureAlgorithm `json:"alg,omitempty"`
	// Value - a URL-encoded base64 string.
	// NOTE(review): presumably the digest to be signed rather than the raw message
	// (KeyVerifyParameters names the matching field Digest) — confirm, and make sure
	// the digest length matches the hash implied by Algorithm.
	Value *string `json:"value,omitempty"`
}

KeySignParameters the key signing parameters.

type KeyVaultClient

// KeyVaultClient is the client for key vault resources; its methods are Get,
// CreateOrUpdate and Delete. It embeds security.BaseClient and is constructed
// by NewKeyVaultClient from a cloud FQDN and an auth.Authorizer.
type KeyVaultClient struct {
	security.BaseClient
	// contains filtered or unexported fields
}

Client structure

func NewKeyVaultClient

func NewKeyVaultClient(cloudFQDN string, authorizer auth.Authorizer) (*KeyVaultClient, error)

NewKeyVaultClient returns a new client

func (*KeyVaultClient) CreateOrUpdate

func (c *KeyVaultClient) CreateOrUpdate(ctx context.Context, group, name string, keyvault *security.KeyVault) (*security.KeyVault, error)

CreateOrUpdate invokes create or update on the client

func (*KeyVaultClient) Delete

func (c *KeyVaultClient) Delete(ctx context.Context, group, name string) error

Delete invokes delete of the keyvault resource

func (*KeyVaultClient) Get

func (c *KeyVaultClient) Get(ctx context.Context, group, name string) (*[]security.KeyVault, error)

Get invokes the client Get method

type KeyVerifyParameters added in v0.10.24

// KeyVerifyParameters is the request body of a verify operation: the signature
// algorithm, the digest that was signed and the signature to check.
type KeyVerifyParameters struct {
	// Algorithm - algorithm identifier. Possible values include: 'PS256', 'RS384', etc (see JSONWebKeySignatureAlgorithm)
	Algorithm JSONWebKeySignatureAlgorithm `json:"alg,omitempty"`
	// Digest - a URL-encoded base64 string of the digest used for signing
	Digest *string `json:"digest,omitempty"`

	// Signature - a URL-encoded base64 string of the signature to be verified.
	// Serialized under the JSON name "value", not "signature".
	Signature *string `json:"value,omitempty"`
}

KeyVerifyParameters the key verification parameters.

type KeyVerifyResult added in v0.10.24

// KeyVerifyResult carries the outcome of a verify operation.
type KeyVerifyResult struct {
	// Response is the embedded autorest response; the "-" tag excludes it from JSON.
	autorest.Response `json:"-"`
	// Value - verification outcome. It is a pointer with omitempty, so it is nil
	// when the field is absent from the response; callers should treat anything
	// other than a non-nil true as "not verified".
	Value             *bool `json:"value,omitempty"`
}

KeyVerifyResult the key verify operation result. https://docs.microsoft.com/en-us/dotnet/api/microsoft.azure.keyvault.models.keyverifyresult?view=azure-dotnet-legacy

type KeyWrappingAlgorithm added in v0.10.21

type KeyWrappingAlgorithm string

KeyWrappingAlgorithm enumerates the values for private key wrapping info for key import export operations.

// Values of KeyWrappingAlgorithm, carried in PrivateKeyWrappingInfo.KeyWrappingAlgorithm
// (JSON "enc") for key import/export operations.
const (
	// CKM_RSA_AES_KEY_WRAP shares its name with the PKCS#11 RSA-AES key wrap mechanism.
	// NOTE(review): the parameters (OAEP hash, AES key size) used by the service are
	// not shown here — confirm.
	CKM_RSA_AES_KEY_WRAP KeyWrappingAlgorithm = "CKM_RSA_AES_KEY_WRAP"
	// RSA_AES_KEY_WRAP_256 — presumably RSA-AES key wrap using SHA-256; confirm.
	RSA_AES_KEY_WRAP_256 KeyWrappingAlgorithm = "RSA_AES_KEY_WRAP_256"
	// RSA_AES_KEY_WRAP_384 — presumably RSA-AES key wrap using SHA-384; confirm.
	RSA_AES_KEY_WRAP_384 KeyWrappingAlgorithm = "RSA_AES_KEY_WRAP_384"
	// NO_KEY_WRAP — by its name, no wrapping is applied to the private key, which
	// would leave KeyImportExportValue.PrivateKey protected only by the transport
	// and by whatever stores or logs the payload. Confirm, and avoid it outside testing.
	NO_KEY_WRAP KeyWrappingAlgorithm = "NO_KEY_WRAP"
)

type PrivateKeyWrappingInfo added in v0.10.21

// PrivateKeyWrappingInfo names the wrapping key and algorithm that apply to the
// private key in a KeyImportExportValue.
type PrivateKeyWrappingInfo struct {
	// KeyName - READ-ONLY; Name of the wrapping key
	KeyName *string `json:"key-name,omitempty"`
	// PublicKey - Public key of the wrapping key.
	// NOTE(review): a private key wrapped to this value is readable by whoever holds
	// the matching private key, so the caller should establish where the value came
	// from; how the service validates it is not shown here.
	PublicKey *string `json:"public-key,omitempty"`
	// KeyWrappingAlgorithm - Key wrapping algorithm; serialized under the JSON name "enc".
	KeyWrappingAlgorithm *KeyWrappingAlgorithm `json:"enc,omitempty"`
}

Defines private key wrapping information for key import/export operations

type Secret

// Secret is the request/response shape for a secret resource: identification
// fields, a Value payload, and the embedded SecretProperties serialized under
// "properties".
// NOTE(review): several field comments below speak of "the key vault"; that wording
// looks inherited from the vault resource — confirm what each field identifies for a secret.
type Secret struct {
	// Response is the embedded autorest response; the "-" tag excludes it from JSON.
	autorest.Response `json:"-"`
	// ID - READ-ONLY; The Azure Resource Manager resource ID for the key vault.
	ID *string `json:"id,omitempty"`
	// Name - READ-ONLY; The name of the key vault.
	Name *string `json:"name,omitempty"`
	// Type - READ-ONLY; The resource type of the key vault.
	Type *string `json:"type,omitempty"`
	// Version
	Version *string `json:"version,omitempty"`
	// Location - The supported Azure location where the key vault should be created.
	Location *string `json:"location,omitempty"`
	// Tags - The tags that will be assigned to the key vault.
	// No omitempty: a nil map is serialized as null.
	Tags map[string]*string `json:"tags"`
	// Value - presumably the secret value itself (confirm). The tag has no omitempty,
	// so it is always present in the marshalled struct — keep marshalled Secret
	// values out of logs and error messages.
	Value *string `json:"value"`
	// Properties - Properties of the vault
	*SecretProperties `json:"properties,omitempty"`
}

Secret defines the structure of a secret

type SecretProperties

// SecretProperties holds the properties embedded in Secret under "properties".
// None of the tags use omitempty, so nil fields are serialized as null.
type SecretProperties struct {
	// VaultName - presumably the name of the vault that holds the secret; confirm.
	VaultName *string `json:"vaultname"`
	// FileName - NOTE(review): meaning not described here; confirm against the service.
	FileName *string `json:"filename"`
	// Statuses - State (the original comment names this field "State").
	Statuses map[string]*string `json:"statuses"`
}

type Service

// Service is the set of key vault resource operations; KeyVaultClient exposes
// methods with the same signatures, where the two string parameters are named
// group and name.
type Service interface {
	// Get takes a context, group and name and returns a pointer to a slice of key vaults.
	Get(context.Context, string, string) (*[]security.KeyVault, error)
	// CreateOrUpdate takes a context, group, name and the key vault to create or
	// update, and returns the resulting key vault.
	CreateOrUpdate(context.Context, string, string, *security.KeyVault) (*security.KeyVault, error)
	// Delete takes a context, group and name and deletes the key vault resource.
	// NOTE(review): whether deletion is recoverable is not shown here — confirm
	// before exposing this to low-privilege callers.
	Delete(context.Context, string, string) error
}

Service interface

Directories

Path Synopsis
