Documentation ¶
Index ¶
- func GetPrimaryKey(ctx context.Context, kmsKey string) (tink.AEAD, error)
- func KeyHandleToSigner(kh *keyset.Handle) (crypto.Signer, error)
- func NewTinkCA(ctx context.Context, kmsKey, tinkKeysetPath, certPath string) (ca.CertificateAuthority, error)
- func NewTinkCAFromHandle(ctx context.Context, tinkKeysetPath, certPath string, primaryKey tink.AEAD) (ca.CertificateAuthority, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetPrimaryKey ¶
GetPrimaryKey returns a Tink AEAD encryption key from KMS Supports GCP and AWS
func KeyHandleToSigner ¶
KeyHandleToSigner converts a key handle to the crypto.Signer interface. Heavily pulls from Tink's signature and subtle packages.
func NewTinkCA ¶
func NewTinkCA(ctx context.Context, kmsKey, tinkKeysetPath, certPath string) (ca.CertificateAuthority, error)
NewTinkCA creates a signer from an encrypted Tink keyset, encrypted with a GCP KMS key.
func NewTinkCAFromHandle ¶
func NewTinkCAFromHandle(ctx context.Context, tinkKeysetPath, certPath string, primaryKey tink.AEAD) (ca.CertificateAuthority, error)
NewTinkCAFromHandle creates a signer from an encrypted Tink keyset, encrypted with an AEAD key.
Types ¶
This section is empty.
Click to show internal directories.
Click to hide internal directories.