keymanagement

package

v0.4.2 Latest Latest Go to latest Published: Jul 23, 2021 License: Apache-2.0 Imports: 21 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

gitlab.com/ponci-berlin/ponci

Links

Open Source Insights

Documentation ¶

Index ¶

func GenerateBundle(logger *zap.Logger, keySets []KeySet) (cborBundle []byte, err error)
func GenerateSignedBundle(logger *zap.Logger, keySets []KeySet, signKey *ecdsa.PrivateKey, kid []byte) (signedBundle []byte, err error)
func NewKeyID(pub *ecdsa.PublicKey) []byte
func NewRandomString() []byte
func RollKeys(logger *zap.Logger, writeDebugFiles bool, debugFilePath string, ...) ([]byte, *ecdsa.PrivateKey, []byte, error)
func WriteHexFile(key []byte, target string) error
type Bundle
type KeyManager
- func New(logger *zap.Logger, keyPath string, certPath string) (*KeyManager, error)
type KeyRecord
- func (KeyRecord) TableName() string
type KeySet
- func (ks *KeySet) MarshalCBOR() ([]byte, error)
- func (ks *KeySet) Save(db *gorm.DB) error
type SubmitKeysRequest

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GenerateBundle ¶

func GenerateBundle(logger *zap.Logger, keySets []KeySet) (cborBundle []byte, err error)

GenerateBundle generates an unsigned bundle.

func GenerateSignedBundle ¶

func GenerateSignedBundle(
	logger *zap.Logger,
	keySets []KeySet,
	signKey *ecdsa.PrivateKey,
	kid []byte,
) (signedBundle []byte, err error)

GenerateSignedBundle creates a SignMessage containing the bundle, signed with signKey.

func NewKeyID ¶

func NewKeyID(pub *ecdsa.PublicKey) []byte

func NewRandomString ¶

func NewRandomString() []byte

func RollKeys ¶

func RollKeys(
	logger *zap.Logger,
	writeDebugFiles bool,
	debugFilePath string,
	debugFilePrefix string,
) ([]byte, *ecdsa.PrivateKey, []byte, error)

func WriteHexFile ¶

func WriteHexFile(key []byte, target string) error

Types ¶

type Bundle ¶

type Bundle struct {
	Version int16
	Date    time.Time // utc unix timestamp
	Keys    []cborKeySet
}

type KeyManager ¶

type KeyManager struct {
	// contains filtered or unexported fields
}

func New ¶

func New(logger *zap.Logger, keyPath string, certPath string) (*KeyManager, error)

func (*KeyManager) GenerateSignedBundle ¶

func (km *KeyManager) GenerateSignedBundle(logger *zap.Logger, dbHandle *gorm.DB) ([]byte, error)

func (*KeyManager) GetKeyID ¶

func (km *KeyManager) GetKeyID() []byte

func (*KeyManager) GetRawCert ¶

func (km *KeyManager) GetRawCert() []byte

func (*KeyManager) GetSigningKey ¶

func (km *KeyManager) GetSigningKey() *ecdsa.PrivateKey

func (*KeyManager) SetKeyID ¶

func (km *KeyManager) SetKeyID(id []byte)

type KeyRecord ¶

type KeyRecord struct {
	gorm.Model
	CredType  credential.Type
	AESKey    []byte
	ECCKey    []byte
	OrgID     string
	ValidFrom time.Time
	ValidTo   time.Time
}

KeyRecord represents a keyset in the database. This is only for use with GORM. Use the KeySet type instead TODO replace this with a better solution.

func (KeyRecord) TableName ¶

func (KeyRecord) TableName() string

type KeySet ¶

type KeySet struct {
	CredType  credential.Type
	AESKey    []byte
	ECCKey    *ecdsa.PublicKey `gorm:"type:bytes"`
	OrgID     string
	ValidFrom time.Time `cbor:"-"`
	ValidTo   time.Time `cbor:"-"`
}

func GetValidKeySets ¶

func GetValidKeySets(logger *zap.Logger, dbHandle *gorm.DB) ([]KeySet, error)

func KeySetFromCBOR ¶ added in v0.2.6

func KeySetFromCBOR(marshalledKeySet []byte) (KeySet, error)

func ParseSubmitKeysRequest ¶

func ParseSubmitKeysRequest(reqBytes []byte, orgID string) (KeySet, error)

func (*KeySet) MarshalCBOR ¶

func (ks *KeySet) MarshalCBOR() ([]byte, error)

func (*KeySet) Save ¶

func (ks *KeySet) Save(db *gorm.DB) error

type SubmitKeysRequest ¶

type SubmitKeysRequest struct {
	CredType credential.Type
	AesKey   cbor.RawMessage
	ECCKey   cbor.RawMessage
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL