Documentation ¶
Overview ¶
Package securesession defines a client for making RPC calls to the SecureSession service.
Index ¶
- Variables
- type SecureSessionClient
- func (c *SecureSessionClient) ConfidentialUnwrap(ctx context.Context, keyPath, resourceName string, wrappedBlob []byte) ([]byte, error)
- func (c *SecureSessionClient) ConfidentialWrap(ctx context.Context, keyPath, resourceName string, plaintext []byte) ([]byte, error)
- func (c *SecureSessionClient) EndSession(ctx context.Context) error
- type SecureSessionOption
Constants ¶
This section is empty.
Variables ¶
var DefaultSecureSessionOptions = []SecureSessionOption{ HTTPCertPool(nil), SkipTLSVerify(false), }
DefaultSecureSessionOptions control the default values before applying options passed to EstablishSecureSession.
Functions ¶
This section is empty.
Types ¶
type SecureSessionClient ¶
type SecureSessionClient struct {
// contains filtered or unexported fields
}
SecureSessionClient is a SecureSession service client.
func EstablishSecureSession ¶
func EstablishSecureSession(ctx context.Context, addr, authToken string, opts ...SecureSessionOption) (*SecureSessionClient, error)
EstablishSecureSession takes in a service address and performs the handshaking flow, returning a Client object with the fully-established secure session, or an error if one of the steps in the handshake failed.
func (*SecureSessionClient) ConfidentialUnwrap ¶
func (c *SecureSessionClient) ConfidentialUnwrap(ctx context.Context, keyPath, resourceName string, wrappedBlob []byte) ([]byte, error)
ConfidentialUnwrap uses the established secure session to unwrap the given blob via the given key path and resource name, returning the plaintext.
func (*SecureSessionClient) ConfidentialWrap ¶
func (c *SecureSessionClient) ConfidentialWrap(ctx context.Context, keyPath, resourceName string, plaintext []byte) ([]byte, error)
ConfidentialWrap uses the established secure session to wrap the given plaintext using the specified key path and resource name, returning the wrapped blob.
func (*SecureSessionClient) EndSession ¶
func (c *SecureSessionClient) EndSession(ctx context.Context) error
EndSession explicitly closes the previous established secure session.
type SecureSessionOption ¶
type SecureSessionOption func(*secureSessionOptions)
SecureSessionOption configures EstablishSecureSession.
func HTTPCertPool ¶
func HTTPCertPool(pool *x509.CertPool) SecureSessionOption
HTTPCertPool sets an explicitly-configured x509.CertPool for the HTTPS connection. Passing this option again will overwrite earlier values.
func SkipTLSVerify ¶
func SkipTLSVerify(skipTLSVerify bool) SecureSessionOption
SkipTLSVerify specifies whether the inner TLS session's certificate should be validated. Passing this option again will overwrite earlier values.