model

package

v0.0.0-...-1a88b7f Latest Latest Go to latest Published: Nov 8, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/podengo-project/idmsvc-backend

Documentation ¶

Index ¶

Variables
type HostconfJwk
- func NewHostconfJwk(secrets secrets.AppSecrets, expiresAt time.Time) (hc *HostconfJwk, err error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrExpiredKey          = errors.New("expired key")
	ErrInvalidKey          = errors.New("invalid key")
	ErrRevokedKey          = errors.New("revoked key")
	ErrKeyDecryptionFailed = errors.New("decryption failed")
)

Functions ¶

This section is empty.

Types ¶

type HostconfJwk ¶

type HostconfJwk struct {
	gorm.Model
	KeyId        string    // JWK KID
	ExpiresAt    time.Time // Expiration time stamp
	PublicJwk    string    // Public JWK as serialized JSON
	EncryptionId string    // id of the encryption key
	EncryptedJwk []byte    // Encrypted private key, nil if key is revoked
}

HostconfJwks hold public and private JWKs

func NewHostconfJwk ¶

func NewHostconfJwk(secrets secrets.AppSecrets, expiresAt time.Time) (hc *HostconfJwk, err error)

Create a new Hostconf JWK entry with public and encrypted private JWK

func (*HostconfJwk) GetPrivateJWK ¶

func (hc *HostconfJwk) GetPrivateJWK(secrets secrets.AppSecrets) (privkey jwk.Key, state hostconf_jwk.KeyState, err error)

Decrypt and return private jwk.Key from entry Fails if key is invalid, expired, revoked, or not encrypted with secret.

func (*HostconfJwk) GetPrivateKeyState ¶

func (hc *HostconfJwk) GetPrivateKeyState(secrets secrets.AppSecrets) (state hostconf_jwk.KeyState, err error)

Get private key state (invalid, expired, revoked, mismatch, valid)

func (*HostconfJwk) GetPublicJWK ¶

func (hc *HostconfJwk) GetPublicJWK() (pubkey jwk.Key, state hostconf_jwk.KeyState, err error)

Get public jwk.Key from entry Fails if key is invalid, expired, or revoked.

func (*HostconfJwk) GetPublicKeyState ¶

func (hc *HostconfJwk) GetPublicKeyState() (hostconf_jwk.KeyState, error)

Get public key state (invalid, expired, revoked, valid) A public key can be valid although its private key cannot be decrypted by current secret.

func (*HostconfJwk) Revoke ¶

func (hc *HostconfJwk) Revoke() (err error)

Revoke sets the encrypted private key to nil and marks the hostconf JWK as revoked.

Source Files ¶

View all Source files

hostconf_jwk_model.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL