Overview ¶
Package provider implements a common interface for tokens and smartcards that provide secret key material.
Types ¶
type CardFilter ¶
type MultiProvider ¶
// MultiProvider is the provider type returned by NewProvider.
// The methods listed for it on this page are Close, DestroyKey, Keys and
// OpenKey. No CreateKey is listed, so confirm against the source whether it
// is meant to satisfy the Provider interface.
// NOTE(review): presumably it aggregates the TPM and smartcard backends
// selected by MultiProviderConfig; its fields are unexported, so verify
// in the source.
type MultiProvider struct {
// contains filtered or unexported fields
}
func NewProvider ¶
func NewProvider(cfg MultiProviderConfig) (p *MultiProvider, err error)
func (*MultiProvider) Close ¶
func (p *MultiProvider) Close() error
func (*MultiProvider) DestroyKey ¶
func (p *MultiProvider) DestroyKey(KeyID) error
func (*MultiProvider) Keys ¶
func (p *MultiProvider) Keys() (allKeys []KeyID, err error)
func (*MultiProvider) OpenKey ¶
func (p *MultiProvider) OpenKey(KeyID) (PrivateKey, error)
type MultiProviderConfig ¶
// MultiProviderConfig is the configuration passed to NewProvider.
// NOTE(review): these values appear to decide which devices may supply
// secret key material, so they should come from trusted configuration
// rather than from untrusted input — confirm against the callers.
type MultiProviderConfig struct {
// TPMPaths presumably lists the TPM device paths to open — TODO confirm
// the expected format and what happens when a path cannot be opened.
TPMPaths []string
// FilterCards presumably restricts which smartcards are used. The
// CardFilter definition is not shown on this page — TODO confirm whether
// an unset filter admits every card or none.
FilterCards CardFilter
// FilterTPMs is presumably the TPM counterpart of FilterCards; the same
// open question about an unset filter applies.
FilterTPMs TPMFilter
}
type PrivateKey ¶
// PrivateKey is the common handle for a key held by a provider. It exposes
// an identifier, descriptive attributes and a Close method. None of the
// methods declared here returns the secret key material itself.
type PrivateKey interface {
// ID returns the key's unique identifier.
// For elliptic curve keys it is the SHA256 digest of the public key.
// For HMAC keys it is the output of HMAC([]).
// NOTE(review): if HMAC([]) means PrivateKeyHMAC.HMAC with an empty
// challenge, that response doubles as a non-secret identifier, so callers
// should not rely on the empty-challenge output staying secret — confirm.
ID() KeyID
// Details returns a dictionary of the key's auxiliary attributes.
// NOTE(review): the page does not say where these attributes come from or
// whether they are authenticated — confirm before using them in a trust
// decision.
Details() map[string]any
// Close closes any internal handles to the key.
Close() error
}
type PrivateKeyDH ¶
// PrivateKeyDH is a PrivateKey that additionally carries the method set of
// ecdh.PrivateKey.
// NOTE(review): the import behind the ecdh qualifier is not shown on this
// page — confirm which package it is and which operations it exposes.
type PrivateKeyDH interface {
PrivateKey
ecdh.PrivateKey
}
type PrivateKeyHMAC ¶
// PrivateKeyHMAC is a PrivateKey that can answer HMAC challenges.
type PrivateKeyHMAC interface {
PrivateKey
// HMAC returns the HMAC over challenge, presumably keyed with the secret
// held by the provider, or an error.
// NOTE(review): the hash function and output length are not shown on this
// page — confirm against the implementation. Where the result is checked
// against an expected value, compare in constant time (for example with
// crypto/hmac.Equal).
HMAC(challenge []byte) ([]byte, error)
}
type Provider ¶
// Provider is the interface a key backend implements: it enumerates,
// creates, opens and destroys keys addressed by KeyID.
type Provider interface {
// Keys enumerates all keys available via this provider.
Keys() ([]KeyID, error)
// CreateKey creates a new key with the given human-readable label.
// NOTE(review): where the label is stored and who can read it is not shown
// on this page; presumably it is not confidential — confirm.
CreateKey(label string) (KeyID, error)
// OpenKey opens a key for cryptographic operations.
// The returned PrivateKey has a Close method that closes its internal
// handles; call it once the key is no longer needed.
OpenKey(KeyID) (PrivateKey, error)
// DestroyKey removes the cryptographic key material from the provider.
// NOTE(review): presumably irreversible, which would make anything
// protected only by this key unrecoverable — confirm and gate callers
// accordingly.
DestroyKey(KeyID) error
}