Documentation
Index
- func NewWrappedSignerFromSSHSigner(signer ssh.Signer) crypto.Signer
- type SSHAgentKMS
- func (k *SSHAgentKMS) Close() error
- func (k *SSHAgentKMS) CreateKey(req *apiv1.CreateKeyRequest) (*apiv1.CreateKeyResponse, error)
- func (k *SSHAgentKMS) CreateSigner(req *apiv1.CreateSignerRequest) (crypto.Signer, error)
- func (k *SSHAgentKMS) GetPublicKey(req *apiv1.GetPublicKeyRequest) (crypto.PublicKey, error)
- type WrappedSSHSigner
Constants
This section is empty.
Variables
This section is empty.
Functions
Types
type SSHAgentKMS
type SSHAgentKMS struct {
// contains filtered or unexported fields
}
SSHAgentKMS is a key manager that uses keys provided by ssh-agent.
func NewFromAgent
func NewFromAgent(ctx context.Context, opts apiv1.Options, agentClient agent.Agent) (*SSHAgentKMS, error)
NewFromAgent initializes an SSHAgentKMS from a given agent. This method is used for testing purposes.
func (*SSHAgentKMS) Close
func (k *SSHAgentKMS) Close() error
Close closes the agent. This is a no-op for the SSHAgentKMS.
func (*SSHAgentKMS) CreateKey
func (k *SSHAgentKMS) CreateKey(req *apiv1.CreateKeyRequest) (*apiv1.CreateKeyResponse, error)
CreateKey generates a new key and returns both the public and private key.
func (*SSHAgentKMS) CreateSigner
func (k *SSHAgentKMS) CreateSigner(req *apiv1.CreateSignerRequest) (crypto.Signer, error)
CreateSigner returns a new signer configured with the given signing key. Note that because of the way an SSH agent and x509.CreateCertificate work, this signer can only properly sign X509 certificates if the key type is Ed25519.
func (*SSHAgentKMS) GetPublicKey
func (k *SSHAgentKMS) GetPublicKey(req *apiv1.GetPublicKeyRequest) (crypto.PublicKey, error)
GetPublicKey returns the public key from the file passed in the request name.
type WrappedSSHSigner
WrappedSSHSigner is a utility type to wrap an ssh.Signer as a crypto.Signer.
func (*WrappedSSHSigner) LastSignature
func (s *WrappedSSHSigner) LastSignature() *ssh.Signature
LastSignature returns the ssh.Signature in the last sign operation if any.
func (*WrappedSSHSigner) Public
func (s *WrappedSSHSigner) Public() crypto.PublicKey
Public returns the agent public key. The type of this public key is *agent.Key.
func (*WrappedSSHSigner) Sign
func (s *WrappedSSHSigner) Sign(rand io.Reader, data []byte, opts crypto.SignerOpts) (signature []byte, err error)
Sign signs the given digest using the ssh agent and returns the signature. Note that because of the way an SSH agent and x509.CreateCertificate work, this signer can only properly sign X509 certificates if the key type is Ed25519.
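The Ed25519 restriction noted for CreateSigner and WrappedSSHSigner.Sign, reproduced with standard-library types only. This is an added example, not code from this package: agentLikeSigner, selfSign and demo are hypothetical names. It models only the hashing mismatch, assuming an agent that hashes whatever bytes it receives (SHA-256 for a P-256 ECDSA key) while x509.CreateCertificate hands ECDSA signers an already-computed digest.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"io"
	"math/big"
	"time"
)

// agentLikeSigner (hypothetical) mimics an SSH agent: input is always the message.
type agentLikeSigner struct{ key crypto.Signer }

func (a agentLikeSigner) Public() crypto.PublicKey { return a.key.Public() }
func (a agentLikeSigner) Sign(r io.Reader, data []byte, _ crypto.SignerOpts) ([]byte, error) {
	switch k := a.key.(type) {
	case ed25519.PrivateKey:
		return ed25519.Sign(k, data), nil // x509 passes the full TBS bytes: valid
	case *ecdsa.PrivateKey:
		h := sha256.Sum256(data) // x509 passed a digest already: hashed twice
		return ecdsa.SignASN1(r, k, h[:])
	}
	return nil, fmt.Errorf("unsupported key type %T", a.key)
}

// selfSign requests a self-signed certificate (constructed template values).
func selfSign(s crypto.Signer) error {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "constructed"},
		NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour),
	}
	_, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, s.Public(), s)
	return err
}

// demo returns the CreateCertificate error for an Ed25519 and an ECDSA key.
func demo() (edErr, ecErr error) {
	_, edKey, _ := ed25519.GenerateKey(rand.Reader)
	ecKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	return selfSign(agentLikeSigner{edKey}), selfSign(agentLikeSigner{ecKey})
}

func main() { fmt.Println(demo()) }
```

The Ed25519 case succeeds because x509.CreateCertificate passes the unhashed certificate bytes with crypto.Hash(0); the ECDSA case is rejected by CreateCertificate's own check of the returned signature.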