Documentation ¶
Overview ¶
Package proto contains proto generated code.
Package proto is a reverse proxy.
It translates gRPC into RESTful JSON APIs.
Index ¶
- Variables
- func RegisterSigningHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error
- func RegisterSigningHandlerClient(ctx context.Context, mux *runtime.ServeMux, client SigningClient) error
- func RegisterSigningHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, ...) (err error)
- func RegisterSigningHandlerServer(ctx context.Context, mux *runtime.ServeMux, server SigningServer) error
- func RegisterSigningServer(s grpc.ServiceRegistrar, srv SigningServer)
- type BlobSigningRequest
- func (*BlobSigningRequest) Descriptor() ([]byte, []int)deprecated
- func (x *BlobSigningRequest) GetDigest() string
- func (x *BlobSigningRequest) GetHashAlgorithm() HashAlgo
- func (x *BlobSigningRequest) GetKeyMeta() *KeyMeta
- func (x *BlobSigningRequest) GetPriority() Priority
- func (*BlobSigningRequest) ProtoMessage()
- func (x *BlobSigningRequest) ProtoReflect() protoreflect.Message
- func (x *BlobSigningRequest) Reset()
- func (x *BlobSigningRequest) String() string
- type HashAlgo
- type KeyMeta
- type KeyMetas
- type Priority
- type PublicKey
- type SSHCertificateSigningRequest
- func (*SSHCertificateSigningRequest) Descriptor() ([]byte, []int)deprecated
- func (x *SSHCertificateSigningRequest) GetCriticalOptions() map[string]string
- func (x *SSHCertificateSigningRequest) GetExtensions() map[string]string
- func (x *SSHCertificateSigningRequest) GetKeyId() string
- func (x *SSHCertificateSigningRequest) GetKeyMeta() *KeyMeta
- func (x *SSHCertificateSigningRequest) GetPrincipals() []string
- func (x *SSHCertificateSigningRequest) GetPriority() Priority
- func (x *SSHCertificateSigningRequest) GetPublicKey() string
- func (x *SSHCertificateSigningRequest) GetValidity() uint64
- func (*SSHCertificateSigningRequest) ProtoMessage()
- func (x *SSHCertificateSigningRequest) ProtoReflect() protoreflect.Message
- func (x *SSHCertificateSigningRequest) Reset()
- func (x *SSHCertificateSigningRequest) String() string
- type SSHKey
- type Signature
- type SigningClient
- type SigningServer
- type UnimplementedSigningServer
- func (UnimplementedSigningServer) GetBlobAvailableSigningKeys(context.Context, *emptypb.Empty) (*KeyMetas, error)
- func (UnimplementedSigningServer) GetBlobSigningKey(context.Context, *KeyMeta) (*PublicKey, error)
- func (UnimplementedSigningServer) GetHostSSHCertificateAvailableSigningKeys(context.Context, *emptypb.Empty) (*KeyMetas, error)
- func (UnimplementedSigningServer) GetHostSSHCertificateSigningKey(context.Context, *KeyMeta) (*SSHKey, error)
- func (UnimplementedSigningServer) GetUserSSHCertificateAvailableSigningKeys(context.Context, *emptypb.Empty) (*KeyMetas, error)
- func (UnimplementedSigningServer) GetUserSSHCertificateSigningKey(context.Context, *KeyMeta) (*SSHKey, error)
- func (UnimplementedSigningServer) GetX509CACertificate(context.Context, *KeyMeta) (*X509Certificate, error)
- func (UnimplementedSigningServer) GetX509CertificateAvailableSigningKeys(context.Context, *emptypb.Empty) (*KeyMetas, error)
- func (UnimplementedSigningServer) PostHostSSHCertificate(context.Context, *SSHCertificateSigningRequest) (*SSHKey, error)
- func (UnimplementedSigningServer) PostSignBlob(context.Context, *BlobSigningRequest) (*Signature, error)
- func (UnimplementedSigningServer) PostUserSSHCertificate(context.Context, *SSHCertificateSigningRequest) (*SSHKey, error)
- func (UnimplementedSigningServer) PostX509Certificate(context.Context, *X509CertificateSigningRequest) (*X509Certificate, error)
- type UnsafeSigningServer
- type X509Certificate
- type X509CertificateSigningRequest
- func (*X509CertificateSigningRequest) Descriptor() ([]byte, []int)deprecated
- func (x *X509CertificateSigningRequest) GetCsr() string
- func (x *X509CertificateSigningRequest) GetExtKeyUsage() []int32
- func (x *X509CertificateSigningRequest) GetKeyMeta() *KeyMeta
- func (x *X509CertificateSigningRequest) GetPriority() Priority
- func (x *X509CertificateSigningRequest) GetValidity() uint64
- func (*X509CertificateSigningRequest) ProtoMessage()
- func (x *X509CertificateSigningRequest) ProtoReflect() protoreflect.Message
- func (x *X509CertificateSigningRequest) Reset()
- func (x *X509CertificateSigningRequest) String() string
Constants ¶
This section is empty.
Variables ¶
var ( HashAlgo_name = map[int32]string{ 0: "Unspecified_Hash", 1: "SHA224", 2: "SHA256", 3: "SHA384", 4: "SHA512", } HashAlgo_value = map[string]int32{ "Unspecified_Hash": 0, "SHA224": 1, "SHA256": 2, "SHA384": 3, "SHA512": 4, } )
Enum value maps for HashAlgo.
var ( Priority_name = map[int32]string{ 0: "Unspecified_priority", 1: "Low", 2: "Medium", 3: "High", } Priority_value = map[string]int32{ "Unspecified_priority": 0, "Low": 1, "Medium": 2, "High": 3, } )
Enum value maps for Priority.
var File_sign_proto protoreflect.FileDescriptor
var Signing_ServiceDesc = grpc.ServiceDesc{ ServiceName: "v3.Signing", HandlerType: (*SigningServer)(nil), Methods: []grpc.MethodDesc{ { MethodName: "GetX509CertificateAvailableSigningKeys", Handler: _Signing_GetX509CertificateAvailableSigningKeys_Handler, }, { MethodName: "GetX509CACertificate", Handler: _Signing_GetX509CACertificate_Handler, }, { MethodName: "PostX509Certificate", Handler: _Signing_PostX509Certificate_Handler, }, { MethodName: "GetUserSSHCertificateAvailableSigningKeys", Handler: _Signing_GetUserSSHCertificateAvailableSigningKeys_Handler, }, { MethodName: "GetUserSSHCertificateSigningKey", Handler: _Signing_GetUserSSHCertificateSigningKey_Handler, }, { MethodName: "PostUserSSHCertificate", Handler: _Signing_PostUserSSHCertificate_Handler, }, { MethodName: "GetHostSSHCertificateAvailableSigningKeys", Handler: _Signing_GetHostSSHCertificateAvailableSigningKeys_Handler, }, { MethodName: "GetHostSSHCertificateSigningKey", Handler: _Signing_GetHostSSHCertificateSigningKey_Handler, }, { MethodName: "PostHostSSHCertificate", Handler: _Signing_PostHostSSHCertificate_Handler, }, { MethodName: "GetBlobAvailableSigningKeys", Handler: _Signing_GetBlobAvailableSigningKeys_Handler, }, { MethodName: "GetBlobSigningKey", Handler: _Signing_GetBlobSigningKey_Handler, }, { MethodName: "PostSignBlob", Handler: _Signing_PostSignBlob_Handler, }, }, Streams: []grpc.StreamDesc{}, Metadata: "sign.proto", }
Signing_ServiceDesc is the grpc.ServiceDesc for Signing service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)
Functions ¶
func RegisterSigningHandler ¶
func RegisterSigningHandler(ctx context.Context, mux *runtime.ServeMux, conn *grpc.ClientConn) error
RegisterSigningHandler registers the http handlers for service Signing to "mux". The handlers forward requests to the grpc endpoint over "conn".
func RegisterSigningHandlerClient ¶
func RegisterSigningHandlerClient(ctx context.Context, mux *runtime.ServeMux, client SigningClient) error
RegisterSigningHandlerClient registers the http handlers for service Signing to "mux". The handlers forward requests to the grpc endpoint over the given implementation of "SigningClient". Note: the gRPC framework executes interceptors within the gRPC handler. If the passed in "SigningClient" doesn't go through the normal gRPC flow (creating a gRPC client etc.) then it will be up to the passed in "SigningClient" to call the correct interceptors.
func RegisterSigningHandlerFromEndpoint ¶
func RegisterSigningHandlerFromEndpoint(ctx context.Context, mux *runtime.ServeMux, endpoint string, opts []grpc.DialOption) (err error)
RegisterSigningHandlerFromEndpoint is same as RegisterSigningHandler but automatically dials to "endpoint" and closes the connection when "ctx" gets done.
func RegisterSigningHandlerServer ¶
func RegisterSigningHandlerServer(ctx context.Context, mux *runtime.ServeMux, server SigningServer) error
RegisterSigningHandlerServer registers the http handlers for service Signing to "mux". UnaryRPC :call SigningServer directly. StreamingRPC :currently unsupported pending https://github.com/grpc/grpc-go/issues/906. Note that using this registration option will cause many gRPC library features to stop working. Consider using RegisterSigningHandlerFromEndpoint instead.
func RegisterSigningServer ¶
func RegisterSigningServer(s grpc.ServiceRegistrar, srv SigningServer)
Types ¶
type BlobSigningRequest ¶
type BlobSigningRequest struct { // Identifies the signing key in the PKCS#11 device used for signing the blob. KeyMeta *KeyMeta `protobuf:"bytes,1,opt,name=key_meta,json=keyMeta,proto3" json:"key_meta,omitempty"` // the hash digest of blob in base64 which will be signed. Digest string `protobuf:"bytes,2,opt,name=digest,proto3" json:"digest,omitempty"` // the algorithm of hash function used to generate the digest // https://golang.org/pkg/crypto/#Hash. HashAlgorithm HashAlgo `protobuf:"varint,3,opt,name=hash_algorithm,json=hashAlgorithm,proto3,enum=v3.HashAlgo" json:"hash_algorithm,omitempty"` // Priority of the request as specified by client. If the server is under heavy load, it may // decide to process higher priority requests before the lower priority requests. // This feature is currently EXPERIMENTAL where priority value is only logged and not used for anything else. // Specific implementation will be based on analysis of client request patterns. Priority Priority `protobuf:"varint,10,opt,name=priority,proto3,enum=v3.Priority" json:"priority,omitempty"` // contains filtered or unexported fields }
func (*BlobSigningRequest) Descriptor
deprecated
func (*BlobSigningRequest) Descriptor() ([]byte, []int)
Deprecated: Use BlobSigningRequest.ProtoReflect.Descriptor instead.
func (*BlobSigningRequest) GetDigest ¶
func (x *BlobSigningRequest) GetDigest() string
func (*BlobSigningRequest) GetHashAlgorithm ¶
func (x *BlobSigningRequest) GetHashAlgorithm() HashAlgo
func (*BlobSigningRequest) GetKeyMeta ¶
func (x *BlobSigningRequest) GetKeyMeta() *KeyMeta
func (*BlobSigningRequest) GetPriority ¶ added in v1.8.0
func (x *BlobSigningRequest) GetPriority() Priority
func (*BlobSigningRequest) ProtoMessage ¶
func (*BlobSigningRequest) ProtoMessage()
func (*BlobSigningRequest) ProtoReflect ¶ added in v1.3.1
func (x *BlobSigningRequest) ProtoReflect() protoreflect.Message
func (*BlobSigningRequest) Reset ¶
func (x *BlobSigningRequest) Reset()
func (*BlobSigningRequest) String ¶
func (x *BlobSigningRequest) String() string
type HashAlgo ¶
type HashAlgo int32
func (HashAlgo) Descriptor ¶ added in v1.3.1
func (HashAlgo) Descriptor() protoreflect.EnumDescriptor
func (HashAlgo) EnumDescriptor
deprecated
func (HashAlgo) Number ¶ added in v1.3.1
func (x HashAlgo) Number() protoreflect.EnumNumber
func (HashAlgo) Type ¶ added in v1.3.1
func (HashAlgo) Type() protoreflect.EnumType
type KeyMeta ¶
type KeyMeta struct { // The id of the key that will be used in crypto operations. Identifier string `protobuf:"bytes,1,opt,name=identifier,proto3" json:"identifier,omitempty"` // contains filtered or unexported fields }
KeyMeta identifies the private key used in crypto operations.
func (*KeyMeta) Descriptor
deprecated
func (*KeyMeta) GetIdentifier ¶
func (*KeyMeta) ProtoMessage ¶
func (*KeyMeta) ProtoMessage()
func (*KeyMeta) ProtoReflect ¶ added in v1.3.1
func (x *KeyMeta) ProtoReflect() protoreflect.Message
type KeyMetas ¶
type KeyMetas struct { Keys []*KeyMeta `protobuf:"bytes,1,rep,name=keys,proto3" json:"keys,omitempty"` // contains filtered or unexported fields }
KeyMetas contains a list of KeyMetas.
func (*KeyMetas) Descriptor
deprecated
func (*KeyMetas) ProtoMessage ¶
func (*KeyMetas) ProtoMessage()
func (*KeyMetas) ProtoReflect ¶ added in v1.3.1
func (x *KeyMetas) ProtoReflect() protoreflect.Message
type Priority ¶ added in v1.8.0
type Priority int32
func (Priority) Descriptor ¶ added in v1.8.0
func (Priority) Descriptor() protoreflect.EnumDescriptor
func (Priority) EnumDescriptor
deprecated
added in
v1.8.0
func (Priority) Number ¶ added in v1.8.0
func (x Priority) Number() protoreflect.EnumNumber
func (Priority) Type ¶ added in v1.8.0
func (Priority) Type() protoreflect.EnumType
type PublicKey ¶
type PublicKey struct { // The encoded string of the public key. Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"` // contains filtered or unexported fields }
PublicKey is a encoded string of the public key specified by users.
func (*PublicKey) Descriptor
deprecated
func (*PublicKey) ProtoMessage ¶
func (*PublicKey) ProtoMessage()
func (*PublicKey) ProtoReflect ¶ added in v1.3.1
func (x *PublicKey) ProtoReflect() protoreflect.Message
type SSHCertificateSigningRequest ¶
type SSHCertificateSigningRequest struct { // Identifies the signing key in the HSM used for signing the certificate. KeyMeta *KeyMeta `protobuf:"bytes,1,opt,name=key_meta,json=keyMeta,proto3" json:"key_meta,omitempty"` // List of usernames or hostnames in the Principals field. Principals []string `protobuf:"bytes,2,rep,name=principals,proto3" json:"principals,omitempty"` // SSH public key. PublicKey string `protobuf:"bytes,3,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"` // Validity period of the certificate in seconds. Validity uint64 `protobuf:"varint,4,opt,name=validity,proto3" json:"validity,omitempty"` // Key ID in the certificate. KeyId string `protobuf:"bytes,5,opt,name=key_id,json=keyId,proto3" json:"key_id,omitempty"` // Critical Options field in the certificate. CriticalOptions map[string]string `` /* 194-byte string literal not displayed */ // Extensions field in the certificate. Extensions map[string]string `` /* 161-byte string literal not displayed */ // Priority of the request as specified by client. If the server is under heavy load, it may // decide to process higher priority requests before the lower priority requests. // This feature is currently EXPERIMENTAL where priority value is only logged and not used for anything else. // Specific implementation will be based on analysis of client request patterns. Priority Priority `protobuf:"varint,10,opt,name=priority,proto3,enum=v3.Priority" json:"priority,omitempty"` // contains filtered or unexported fields }
SSHCertificateSigningRequest specifies the info used for signing an SSH certificate.
func (*SSHCertificateSigningRequest) Descriptor
deprecated
func (*SSHCertificateSigningRequest) Descriptor() ([]byte, []int)
Deprecated: Use SSHCertificateSigningRequest.ProtoReflect.Descriptor instead.
func (*SSHCertificateSigningRequest) GetCriticalOptions ¶
func (x *SSHCertificateSigningRequest) GetCriticalOptions() map[string]string
func (*SSHCertificateSigningRequest) GetExtensions ¶
func (x *SSHCertificateSigningRequest) GetExtensions() map[string]string
func (*SSHCertificateSigningRequest) GetKeyId ¶
func (x *SSHCertificateSigningRequest) GetKeyId() string
func (*SSHCertificateSigningRequest) GetKeyMeta ¶
func (x *SSHCertificateSigningRequest) GetKeyMeta() *KeyMeta
func (*SSHCertificateSigningRequest) GetPrincipals ¶
func (x *SSHCertificateSigningRequest) GetPrincipals() []string
func (*SSHCertificateSigningRequest) GetPriority ¶ added in v1.8.0
func (x *SSHCertificateSigningRequest) GetPriority() Priority
func (*SSHCertificateSigningRequest) GetPublicKey ¶
func (x *SSHCertificateSigningRequest) GetPublicKey() string
func (*SSHCertificateSigningRequest) GetValidity ¶
func (x *SSHCertificateSigningRequest) GetValidity() uint64
func (*SSHCertificateSigningRequest) ProtoMessage ¶
func (*SSHCertificateSigningRequest) ProtoMessage()
func (*SSHCertificateSigningRequest) ProtoReflect ¶ added in v1.3.1
func (x *SSHCertificateSigningRequest) ProtoReflect() protoreflect.Message
func (*SSHCertificateSigningRequest) Reset ¶
func (x *SSHCertificateSigningRequest) Reset()
func (*SSHCertificateSigningRequest) String ¶
func (x *SSHCertificateSigningRequest) String() string
type SSHKey ¶
type SSHKey struct { // The encoded string of the SSH key. Key string `protobuf:"bytes,1,opt,name=key,proto3" json:"key,omitempty"` // contains filtered or unexported fields }
SSHKey specifies an SSH key that can either be an: 1. SSH public key, or 2. SSH user/host certificate
func (*SSHKey) Descriptor
deprecated
func (*SSHKey) ProtoMessage ¶
func (*SSHKey) ProtoMessage()
func (*SSHKey) ProtoReflect ¶ added in v1.3.1
func (x *SSHKey) ProtoReflect() protoreflect.Message
type Signature ¶
type Signature struct { Signature string `protobuf:"bytes,1,opt,name=signature,proto3" json:"signature,omitempty"` // contains filtered or unexported fields }
Signature is a base64 encoded result of signing a blob.
func (*Signature) Descriptor
deprecated
func (*Signature) GetSignature ¶
func (*Signature) ProtoMessage ¶
func (*Signature) ProtoMessage()
func (*Signature) ProtoReflect ¶ added in v1.3.1
func (x *Signature) ProtoReflect() protoreflect.Message
type SigningClient ¶
type SigningClient interface { // GetX509CertificateAvailableSigningKeys returns all available keys that can sign X509 certificates. GetX509CertificateAvailableSigningKeys(ctx context.Context, in *emptypb.Empty, opts ...grpc.CallOption) (*KeyMetas, error) // GetX509CACertificate returns the CA X509 certificate self-signed by the specified key. GetX509CACertificate(ctx context.Context, in *KeyMeta, opts ...grpc.CallOption) (*X509Certificate, error) // PostX509Certificate signs the given CSR using the specified key and returns a PEM encoded X509 certificate. PostX509Certificate(ctx context.Context, in *X509CertificateSigningRequest, opts ...grpc.CallOption) (*X509Certificate, error) // GetUserSSHCertificateAvailableSigningKeys returns all available keys that can sign user SSH certificates. GetUserSSHCertificateAvailableSigningKeys(ctx context.Context, in *emptypb.Empty, opts ...grpc.CallOption) (*KeyMetas, error) // GetUserSSHCertificateSigningKey returns the public signing key of the // specified key that signs the user ssh certificate. GetUserSSHCertificateSigningKey(ctx context.Context, in *KeyMeta, opts ...grpc.CallOption) (*SSHKey, error) // PostUserSSHCertificate signs the SSH user certificate given request fields using the specified key. PostUserSSHCertificate(ctx context.Context, in *SSHCertificateSigningRequest, opts ...grpc.CallOption) (*SSHKey, error) // GetHostSSHCertificateAvailableSigningKeys returns all available keys that can sign host SSH certificates. GetHostSSHCertificateAvailableSigningKeys(ctx context.Context, in *emptypb.Empty, opts ...grpc.CallOption) (*KeyMetas, error) // GetHostSSHCertificateSigningKey returns the public signing key of the // specified key that signs the host ssh certificate. GetHostSSHCertificateSigningKey(ctx context.Context, in *KeyMeta, opts ...grpc.CallOption) (*SSHKey, error) // PostHostSSHCertificate signs the SSH host certificate given request fields using the specified key. PostHostSSHCertificate(ctx context.Context, in *SSHCertificateSigningRequest, opts ...grpc.CallOption) (*SSHKey, error) // GetBlobAvailableSigningKeys returns all available keys that can sign GetBlobAvailableSigningKeys(ctx context.Context, in *emptypb.Empty, opts ...grpc.CallOption) (*KeyMetas, error) // GetBlobSigningKey returns the public signing key of the // specified key that signs the user's data. GetBlobSigningKey(ctx context.Context, in *KeyMeta, opts ...grpc.CallOption) (*PublicKey, error) // PostSignBlob signs the digest using the specified key. PostSignBlob(ctx context.Context, in *BlobSigningRequest, opts ...grpc.CallOption) (*Signature, error) }
SigningClient is the client API for Signing service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
func NewSigningClient ¶
func NewSigningClient(cc grpc.ClientConnInterface) SigningClient
type SigningServer ¶
type SigningServer interface { // GetX509CertificateAvailableSigningKeys returns all available keys that can sign X509 certificates. GetX509CertificateAvailableSigningKeys(context.Context, *emptypb.Empty) (*KeyMetas, error) // GetX509CACertificate returns the CA X509 certificate self-signed by the specified key. GetX509CACertificate(context.Context, *KeyMeta) (*X509Certificate, error) // PostX509Certificate signs the given CSR using the specified key and returns a PEM encoded X509 certificate. PostX509Certificate(context.Context, *X509CertificateSigningRequest) (*X509Certificate, error) // GetUserSSHCertificateAvailableSigningKeys returns all available keys that can sign user SSH certificates. GetUserSSHCertificateAvailableSigningKeys(context.Context, *emptypb.Empty) (*KeyMetas, error) // GetUserSSHCertificateSigningKey returns the public signing key of the // specified key that signs the user ssh certificate. GetUserSSHCertificateSigningKey(context.Context, *KeyMeta) (*SSHKey, error) // PostUserSSHCertificate signs the SSH user certificate given request fields using the specified key. PostUserSSHCertificate(context.Context, *SSHCertificateSigningRequest) (*SSHKey, error) // GetHostSSHCertificateAvailableSigningKeys returns all available keys that can sign host SSH certificates. GetHostSSHCertificateAvailableSigningKeys(context.Context, *emptypb.Empty) (*KeyMetas, error) // GetHostSSHCertificateSigningKey returns the public signing key of the // specified key that signs the host ssh certificate. GetHostSSHCertificateSigningKey(context.Context, *KeyMeta) (*SSHKey, error) // PostHostSSHCertificate signs the SSH host certificate given request fields using the specified key. PostHostSSHCertificate(context.Context, *SSHCertificateSigningRequest) (*SSHKey, error) // GetBlobAvailableSigningKeys returns all available keys that can sign GetBlobAvailableSigningKeys(context.Context, *emptypb.Empty) (*KeyMetas, error) // GetBlobSigningKey returns the public signing key of the // specified key that signs the user's data. GetBlobSigningKey(context.Context, *KeyMeta) (*PublicKey, error) // PostSignBlob signs the digest using the specified key. PostSignBlob(context.Context, *BlobSigningRequest) (*Signature, error) // contains filtered or unexported methods }
SigningServer is the server API for Signing service. All implementations must embed UnimplementedSigningServer for forward compatibility
type UnimplementedSigningServer ¶
type UnimplementedSigningServer struct { }
UnimplementedSigningServer must be embedded to have forward compatible implementations.
func (UnimplementedSigningServer) GetBlobAvailableSigningKeys ¶
func (UnimplementedSigningServer) GetBlobSigningKey ¶
func (UnimplementedSigningServer) GetHostSSHCertificateAvailableSigningKeys ¶
func (UnimplementedSigningServer) GetHostSSHCertificateSigningKey ¶
func (UnimplementedSigningServer) GetUserSSHCertificateAvailableSigningKeys ¶
func (UnimplementedSigningServer) GetUserSSHCertificateSigningKey ¶
func (UnimplementedSigningServer) GetX509CACertificate ¶
func (UnimplementedSigningServer) GetX509CACertificate(context.Context, *KeyMeta) (*X509Certificate, error)
func (UnimplementedSigningServer) GetX509CertificateAvailableSigningKeys ¶
func (UnimplementedSigningServer) PostHostSSHCertificate ¶
func (UnimplementedSigningServer) PostHostSSHCertificate(context.Context, *SSHCertificateSigningRequest) (*SSHKey, error)
func (UnimplementedSigningServer) PostSignBlob ¶
func (UnimplementedSigningServer) PostSignBlob(context.Context, *BlobSigningRequest) (*Signature, error)
func (UnimplementedSigningServer) PostUserSSHCertificate ¶
func (UnimplementedSigningServer) PostUserSSHCertificate(context.Context, *SSHCertificateSigningRequest) (*SSHKey, error)
func (UnimplementedSigningServer) PostX509Certificate ¶
func (UnimplementedSigningServer) PostX509Certificate(context.Context, *X509CertificateSigningRequest) (*X509Certificate, error)
type UnsafeSigningServer ¶ added in v1.3.1
type UnsafeSigningServer interface {
// contains filtered or unexported methods
}
UnsafeSigningServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to SigningServer will result in compilation errors.
type X509Certificate ¶
type X509Certificate struct { // The X509 certificate encoded in PEM format. Cert string `protobuf:"bytes,1,opt,name=cert,proto3" json:"cert,omitempty"` // contains filtered or unexported fields }
X509Certificate specifies an X509 certificate.
func (*X509Certificate) Descriptor
deprecated
func (*X509Certificate) Descriptor() ([]byte, []int)
Deprecated: Use X509Certificate.ProtoReflect.Descriptor instead.
func (*X509Certificate) GetCert ¶
func (x *X509Certificate) GetCert() string
func (*X509Certificate) ProtoMessage ¶
func (*X509Certificate) ProtoMessage()
func (*X509Certificate) ProtoReflect ¶ added in v1.3.1
func (x *X509Certificate) ProtoReflect() protoreflect.Message
func (*X509Certificate) Reset ¶
func (x *X509Certificate) Reset()
func (*X509Certificate) String ¶
func (x *X509Certificate) String() string
type X509CertificateSigningRequest ¶
type X509CertificateSigningRequest struct { // Identifies the signing key in the HSM used for signing the certificate. KeyMeta *KeyMeta `protobuf:"bytes,1,opt,name=key_meta,json=keyMeta,proto3" json:"key_meta,omitempty"` // X509 certificate signing request encoded in PEM format. Csr string `protobuf:"bytes,2,opt,name=csr,proto3" json:"csr,omitempty"` // Validity period of the certificate in seconds. Validity uint64 `protobuf:"varint,3,opt,name=validity,proto3" json:"validity,omitempty"` // X509 certificate ExtKeyUsage. // https://godoc.org/crypto/x509#ExtKeyUsage ExtKeyUsage []int32 `protobuf:"varint,4,rep,packed,name=ext_key_usage,json=extKeyUsage,proto3" json:"ext_key_usage,omitempty"` // Priority of the request as specified by client. If the server is under heavy load, it may // decide to process higher priority requests before the lower priority requests. // This feature is currently EXPERIMENTAL where priority value is only logged and not used for anything else. // Specific implementation will be based on analysis of client request patterns. Priority Priority `protobuf:"varint,10,opt,name=priority,proto3,enum=v3.Priority" json:"priority,omitempty"` // contains filtered or unexported fields }
X509CertificateSigningRequest specifies the info used for signing an X509 certificate.
func (*X509CertificateSigningRequest) Descriptor
deprecated
func (*X509CertificateSigningRequest) Descriptor() ([]byte, []int)
Deprecated: Use X509CertificateSigningRequest.ProtoReflect.Descriptor instead.
func (*X509CertificateSigningRequest) GetCsr ¶
func (x *X509CertificateSigningRequest) GetCsr() string
func (*X509CertificateSigningRequest) GetExtKeyUsage ¶
func (x *X509CertificateSigningRequest) GetExtKeyUsage() []int32
func (*X509CertificateSigningRequest) GetKeyMeta ¶
func (x *X509CertificateSigningRequest) GetKeyMeta() *KeyMeta
func (*X509CertificateSigningRequest) GetPriority ¶ added in v1.8.0
func (x *X509CertificateSigningRequest) GetPriority() Priority
func (*X509CertificateSigningRequest) GetValidity ¶
func (x *X509CertificateSigningRequest) GetValidity() uint64
func (*X509CertificateSigningRequest) ProtoMessage ¶
func (*X509CertificateSigningRequest) ProtoMessage()
func (*X509CertificateSigningRequest) ProtoReflect ¶ added in v1.3.1
func (x *X509CertificateSigningRequest) ProtoReflect() protoreflect.Message
func (*X509CertificateSigningRequest) Reset ¶
func (x *X509CertificateSigningRequest) Reset()
func (*X509CertificateSigningRequest) String ¶
func (x *X509CertificateSigningRequest) String() string