signer

package
v0.0.8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 17, 2023 License: MIT Imports: 31 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var Log *logrus.Entry

Functions

func NewAlgorithmSignerFromSigner 

func NewAlgorithmSignerFromSigner(signer crypto.Signer, algorithm string) (ssh.Signer, error)

NewAlgorithmSignerFromSigner returns a ssh.Signer with a different default algorithm. Waiting for upstream changes to x/crypto/ssh, see: https://github.com/golang/go/issues/36261

func SignCertificateAWS 

func SignCertificateAWS(publicKey ssh.PublicKey, token string, forceCommand string, region string, c *config.SSHrimp) (*ssh.Certificate, error)

SignCertificateAWS given a public key, identity token and forceCommand, invoke the sshrimp-ca lambda function

func SignCertificateAllRegions 

func SignCertificateAllRegions(publicKey ssh.PublicKey, token string, forceCommand string, c *config.SSHrimp) (*ssh.Certificate, error)

SignCertificateAllRegions iterate through each configured region if there is an error signing the certificate

func SignCertificateGCP 

func SignCertificateGCP(publicKey ssh.PublicKey, token string, forceCommand string, region string, c *config.SSHrimp) (*ssh.Certificate, error)

SignCertificateGCP given a public key, identity token and forceCommand, invoke the sshrimp-ca GCP function

func ValidateRequest 

func ValidateRequest(event SSHrimpEvent, c *config.SSHrimp, requestID string, functionID string) (ssh.Certificate, error)

Types

type AWSSigner 

type AWSSigner struct {
	crypto.Signer
	// contains filtered or unexported fields
}

KMSSigner an AWS asymetric crypto signer

func NewAWSSigner 

func NewAWSSigner(key string) *AWSSigner

NewKMSSigner return a new instsance of AWSSigner

func (*AWSSigner) Public 

func (s *AWSSigner) Public() crypto.PublicKey

Public returns the public key from KMS

func (*AWSSigner) Sign 

func (s *AWSSigner) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)

Sign a digest with the private key in KMS

type GCPSigner 

type GCPSigner struct {
	crypto.Signer
	// contains filtered or unexported fields
}

GCPSigner a GCP asymetric crypto signer

func NewGCPSSigner 

func NewGCPSSigner(key string) *GCPSigner

NewGCPSSigner return a new instsance of NewGCPSSigner

func (*GCPSigner) Public 

func (s *GCPSigner) Public() crypto.PublicKey

Public returns the public key from KMS

func (*GCPSigner) Sign 

func (s *GCPSigner) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)

Sign a digest with the private key in KMS

type SSHrimpEvent 

type SSHrimpEvent struct {
	PublicKey     string `json:"publickey"`
	Token         string `json:"token"`
	SourceAddress string `json:"sourceaddress"`
	ForceCommand  string `json:"forcecommand"`
}

SSHrimpEvent encodes the user input for the sshrimp-ca lambda

type SSHrimpResult 

type SSHrimpResult struct {
	Certificate  string `json:"certificate"`
	ErrorMessage string `json:"errorMessage"`
	ErrorType    string `json:"errorType"`
}

SSHrimpResult encodes the payload format returned from the sshrimp-ca lambda

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.