Documentation
¶
Index ¶
- func CreateSigner(kms, name string, opts ...pemutil.Options) (crypto.Signer, error)
- func IsKMSSigner(signer crypto.Signer) (ok bool)
- func IsX509Signer(signer crypto.Signer) bool
- func LoadCertificate(kms, certPath string) ([]*x509.Certificate, error)
- func LoadJSONWebKey(kms, name string, opts ...jose.Option) (*jose.JSONWebKey, error)
- type Attestor
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateSigner ¶
CreateSigner reads a key from a file with a given name or creates a signer with the given kms and name uri.
func IsKMSSigner ¶
IsKMSSigner returns true if the given signer uses the step-kms-plugin signer.
func IsX509Signer ¶
IsX509Signer returns true if the given signer is supported by Go's crypto/x509 package to sign sign X509 certificates. This methods returns true for ECDSA, RSA and Ed25519 keys, but if the kms is `sshagentkms:` it will only return true for Ed25519 keys.
func LoadCertificate ¶ added in v0.23.0
func LoadCertificate(kms, certPath string) ([]*x509.Certificate, error)
LoadCertificate returns a x509.Certificate from a kms or file
func LoadJSONWebKey ¶ added in v0.23.4
LoadJSONWebKey returns a jose.JSONWebKey from a KMS or a file.
Types ¶
type Attestor ¶ added in v0.23.0
Attestor is the interface implemented by step-kms-plugin using the key, sign, and attest commands.
func CreateAttestor ¶ added in v0.23.0
CreateAttestor creates an attestor that will use `step-kms-plugin` with the given kms and name.
Source Files