cryptoservice

package
v0.7.0
Warning

This package is not in the latest version of its module.

Published: Jan 14, 2021 License: Apache-2.0 Imports: 12 Imported by: 75

Documentation

Constants

This section is empty.

Variables

var (
	// ErrNoValidPrivateKey is returned if a key being imported doesn't
	// look like a private key
	ErrNoValidPrivateKey = errors.New("no valid private key found")

	// ErrRootKeyNotEncrypted is returned if a root key being imported is
	// unencrypted
	ErrRootKeyNotEncrypted = errors.New("only encrypted root keys may be imported")

	// EmptyService is an empty crypto service
	EmptyService = NewCryptoService()
)

Functions

func CheckRootKeyIsEncrypted added in v0.3.0

func CheckRootKeyIsEncrypted(pemBytes []byte) error

CheckRootKeyIsEncrypted makes sure the root key is encrypted. We have internal assumptions that depend on this.

func GenerateCertificate

func GenerateCertificate(rootKey data.PrivateKey, gun data.GUN, startTime, endTime time.Time) (*x509.Certificate, error)

GenerateCertificate generates an X509 Certificate from a template, given a GUN and validity interval

Types

type CryptoService

type CryptoService struct {
	// contains filtered or unexported fields
}

CryptoService implements Sign and Create, holding a specific GUN and keystore to operate on

func NewCryptoService

func NewCryptoService(keyStores ...trustmanager.KeyStore) *CryptoService

NewCryptoService returns an instance of CryptoService

func (*CryptoService) AddKey added in v0.3.0

func (cs *CryptoService) AddKey(role data.RoleName, gun data.GUN, key data.PrivateKey) (err error)

AddKey adds a private key to a specified role. The GUN is inferred from the cryptoservice itself for non-root roles

func (*CryptoService) Create

func (cs *CryptoService) Create(role data.RoleName, gun data.GUN, algorithm string) (data.PublicKey, error)

Create is used to generate keys for targets, snapshots and timestamps

func (*CryptoService) GetKey

func (cs *CryptoService) GetKey(keyID string) data.PublicKey

GetKey returns a key by ID

func (*CryptoService) GetKeyInfo added in v0.3.0

func (cs *CryptoService) GetKeyInfo(keyID string) (trustmanager.KeyInfo, error)

GetKeyInfo returns role and GUN info of a key by ID

func (*CryptoService) GetPrivateKey

func (cs *CryptoService) GetPrivateKey(keyID string) (k data.PrivateKey, role data.RoleName, err error)

GetPrivateKey returns a private key and role if present by ID.

func (*CryptoService) ListAllKeys

func (cs *CryptoService) ListAllKeys() map[string]data.RoleName

ListAllKeys returns a map of key IDs to role

func (*CryptoService) ListKeys

func (cs *CryptoService) ListKeys(role data.RoleName) []string

ListKeys returns a list of key IDs valid for the given role

func (*CryptoService) RemoveKey

func (cs *CryptoService) RemoveKey(keyID string) (err error)

RemoveKey deletes a key by ID
