kmipapi

package
v1.1.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 4, 2023 License: MIT Imports: 19 Imported by: 0

Documentation

Index

Constants

// Bounds of the KMIP protocol versions this package names as supported:
// minimum 1.4, maximum 2.0.
// NOTE(review): where these bounds are enforced (for example when a version
// is chosen from DiscoverServer results) is not visible here; confirm that a
// server cannot select a version below the minimum.
const (
	MaxSupportedProtocolVersionMajor int = 2
	MaxSupportedProtocolVersionMinor int = 0
	MinSupportedProtocolVersionMajor int = 1
	MinSupportedProtocolVersionMinor int = 4
)

Protocol

// Query function selectors, stored as untyped string constants.
// NOTE(review): presumably the KMIP Query Function enumeration values
// (1 = Query Operations, 3 = Query Server Information) — confirm against the
// code that parses them.
const (
	QueryOpsOperation  = "1"
	QueryOpsServerInfo = "3"
)
// Service identifier strings for the KMIP 1.4 and KMIP 2.0 implementations.
// NOTE(review): presumably the values accepted by the service parameter of
// NewKMIPInterface — confirm.
const (
	KMIP14Service string = "kmip14"
	KMIP20Service string = "kmip20"
)

Supported interfaces

// DefaultBufferSize is the untyped constant 4096.
// NOTE(review): presumably the size in bytes of an I/O buffer; how a message
// larger than this is handled is not visible here — confirm.
const (
	DefaultBufferSize = 4096
)
// LastUID is the string "lastuid".
// NOTE(review): presumably the key under which the most recent unique
// identifier is kept in the table written by SetValue — confirm.
const (
	LastUID = "lastuid"
)

Variables

This section is empty.

Functions

func ActivateKey

func ActivateKey(ctx context.Context, settings *ConfigurationSettings, uid string) (string, error)

ActivateKey: Activate a key created using a unique identifier

func BatchCmdAddItem added in v1.1.0

func BatchCmdAddItem(ctx context.Context, BatchList []kmip.RequestBatchItem, BatchItems BatchListItem, batchnum []byte, batchcount byte) ([]kmip.RequestBatchItem, []byte, error)

func BatchCmdCreateList added in v1.1.0

func BatchCmdCreateList() []kmip.RequestBatchItem

func BatchCmdGenerateMessage added in v1.1.0

func BatchCmdGenerateMessage(ctx context.Context, settings *ConfigurationSettings, payload []kmip.RequestBatchItem) (kmip.RequestMessage, error)

func CloseSession

func CloseSession(ctx context.Context, settings *ConfigurationSettings) error

CloseSession: Close the TLS connection with the KMS Server

func CreateKey

func CreateKey(ctx context.Context, settings *ConfigurationSettings, id string) (string, error)

CreateKey: Create a unique identifier for an id and return that uid

func DestroyKey

func DestroyKey(ctx context.Context, settings *ConfigurationSettings, uid string) (string, error)

DestroyKey: destroy a key based on UID

func DiscoverServer

func DiscoverServer(ctx context.Context, settings *ConfigurationSettings, clientVersions []kmip.ProtocolVersion) ([]kmip.ProtocolVersion, error)

DiscoverServer: Perform a discover operation to retrieve the KMIP protocol versions supported.

func GetAttribute added in v1.0.0

func GetAttribute(ctx context.Context, settings *ConfigurationSettings, uid string, attribname1 string) (string, error)

GetAttribute: Retrieve the value of a named attribute for a uid

func GetCommand added in v0.3.1

func GetCommand(line string) string

GetCommand: returns the first string from a command line, separated by spaces

func GetKey

func GetKey(ctx context.Context, settings *ConfigurationSettings, uid string) (key *string, err error)

GetKey: Retrieve a key for a specified UID

func GetValue added in v0.3.1

func GetValue(line, key string) string

GetValue: returns a value from a key=value pair

func LocateUid

func LocateUid(ctx context.Context, settings *ConfigurationSettings, id string, attribname1 string, attribvalue1 string, attribname2 string, attribvalue2 string) (string, error)

LocateUid: retrieve a UID for an ID

func OpenSession

func OpenSession(ctx context.Context, settings *ConfigurationSettings) error

OpenSession: Read PEM files and establish a TLS connection with the KMS server

func QueryServer

func QueryServer(ctx context.Context, settings *ConfigurationSettings, queryops []kmip14.QueryFunction) (string, error)

QueryServer: Perform a query operation.

func ReKey added in v0.3.2

func ReKey(ctx context.Context, settings *ConfigurationSettings, uid string) (string, error)

ReKey: Assign a new KMIP key for a uid

func RegisterKey added in v1.0.0

func RegisterKey(ctx context.Context, settings *ConfigurationSettings, keymaterial string, keyformat string, datatype string, objgrp string, attribname1 string, attribvalue1 string, attribname2 string, attribvalue2 string, attribname3 string, attribvalue3 string, attribname4 string, attribvalue4 string, objtype string, name string) (string, error)

RegisterKey: Register a key

func Restore added in v0.3.1

func Restore(ctx context.Context, settings *ConfigurationSettings, filename string) (err error)

Restore: Read all configuration settings from a JSON file

func RevokeKey

func RevokeKey(ctx context.Context, settings *ConfigurationSettings, uid string, reason uint32) (string, error)

RevokeKey: revoke a key based on UID

func SendRequestMessage

func SendRequestMessage(ctx context.Context, settings *ConfigurationSettings, operation uint32, payload interface{}, dobatch bool) (*ttlv.Decoder, *kmip.ResponseBatchItem, error)

SendRequestMessage: Send a KMIP request message

func SetAttribute added in v0.3.2

func SetAttribute(ctx context.Context, settings *ConfigurationSettings, uid, attributeName, attributeValue string) (string, error)

SetAttribute: Set an attribute name and value for a uid

func SetValue added in v1.0.0

func SetValue(key, value string)

SetValue: store a value in a global table to be used with script variables ${variable}

func Store added in v0.3.1

func Store(ctx context.Context, settings *ConfigurationSettings) (err error)

Store: Save all configuration settings to a JSON file

func ZeroizeMemory added in v1.1.1

func ZeroizeMemory(data []byte)

ZeroizeMemory: Write '0' to a memory location

Types

type ActivateKeyRequest

// ActivateKeyRequest contains all attributes of a caller request to activate
// a KMIP key: the unique identifier of the key and the operation code.
type ActivateKeyRequest struct {
	UniqueIdentifier string
	Operation        kmip14.Operation
}

type ActivateKeyResponse

// ActivateKeyResponse contains all attributes of the activate key operation
// that are relevant to the caller.
type ActivateKeyResponse struct {
	UniqueIdentifier string
}

type BatchListItem added in v1.1.0

// BatchListItem pairs a KMIP operation code with its request payload.
// NOTE(review): RequestPayload is an untyped interface{}; presumably it must
// match the payload type expected for Operation — confirm where
// BatchCmdAddItem consumes it.
type BatchListItem struct {
	Operation      kmip14.Operation
	RequestPayload interface{}
}

type ConfigurationSettings added in v0.3.1

// ConfigurationSettings holds the KMS server address, the TLS credential file
// paths, the protocol version and service type, and the TLS connection object
// for a session. Every field carries a json tag.
//
// NOTE(review): Connection is a runtime handle, yet its json tag does not
// exclude it from encoding; confirm how Store and Restore treat it (a
// `json:"-"` tag would exclude it).
// NOTE(review): KeyFile names the client private key PEM file; only the path
// is held here. Nothing visible on this page restricts permissions on that
// file or on SettingsFile — confirm at the call sites.
// NOTE(review): the ProtocolVersionMajor comment lists 3, while
// MaxSupportedProtocolVersionMajor is 2 — confirm which is intended.
type ConfigurationSettings struct {
	SaveSettingsToFile   bool      `json:"save_settings_to_file"`  // Save the configuration settings to a file
	SettingsFile         string    `json:"settings_file"`          // Configuration settings storage file
	KmsServerName        string    `json:"kms_server_name"`        // KMS server name for informational purposes
	KmsServerIp          string    `json:"kms_server_ip"`          // KMS server IP address
	KmsServerPort        string    `json:"kms_server_port"`        // KMS server port, typically 5696
	CertAuthFile         string    `json:"cert_auth_file"`         // Client certificate authority PEM file
	KeyFile              string    `json:"key_file"`               // Client private key PEM file
	CertFile             string    `json:"cert_file"`              // Client certificate PEM file
	Connection           *tls.Conn `json:"connection"`             // The TLS connection object returned from Dial
	ProtocolVersionMajor int       `json:"protocol_version_major"` // Major version, 1, 2, or 3
	ProtocolVersionMinor int       `json:"protocol_version_minor"` // Minor version for 1.4 or 2.0
	ServiceType          string    `json:"service_type"`           // The KMIP version service string, kmip14, kmip20, etc
	ShowElapsed          bool      `json:"show_elapsed"`           // Display the elapsed time for each command executed.
}

type CreateKeyRequest

// CreateKeyRequest contains all attributes of a caller request to create a
// KMIP key. The fields define whether the object is a certificate or a key,
// and its algorithm, length, and usage mask.
// NOTE(review): CryptographicLength and CryptographicUsageMask are plain
// uint32 values; no validation of them is visible on this page — confirm
// where weak lengths or over-broad usage masks are rejected.
type CreateKeyRequest struct {
	Id                     string
	Type                   kmip14.ObjectType
	Algorithm              kmip14.CryptographicAlgorithm
	CryptographicLength    uint32
	CryptographicUsageMask uint32
	Operation              kmip14.Operation
}

type CreateKeyResponse

// CreateKeyResponse contains all attributes of the newly created key that are
// relevant to the caller. The trailing field comments give the TTLV type and
// length together with a sample value.
// NOTE(review): Key is a string; if it carries key material rather than an
// identifier, it cannot be overwritten in place (Go strings are immutable) —
// confirm what is stored in it.
type CreateKeyResponse struct {
	Key               string
	TimeStamp         time.Time // (DateTime/8): 2021-10-11 17:53:05 +0000 UTC
	BatchCount        int       // (Integer/4): 1
	Operation         int       // (Enumeration/4): Create
	UniqueBatchItemID []byte    // (ByteString/16): 0x44ce32c10ee5421bb8e0eb6892dfeccb
	ResultStatus      int       // (Enumeration/4): Success
	ObjectType        int       // (Enumeration/4): SymmetricKey
	UniqueIdentifier  string    // (TextString/1): 7
}

type CreateNullStruct added in v1.1.0

// CreateNullStruct is a struct with no fields.
// NOTE(review): presumably an empty payload placeholder for batched
// requests — confirm at its use sites.
type CreateNullStruct struct{}

type DeleteKeyRequest

// DeleteKeyRequest contains all attributes of a caller request to delete a
// KMIP key.
// NOTE(review): unlike DestroyKeyRequest, this struct carries no
// UniqueIdentifier, and no exported Delete function is listed on this page —
// confirm whether the type is still used.
type DeleteKeyRequest struct {
	Type      kmip14.ObjectType
	Operation kmip14.Operation
}

type DeleteKeyResponse

// DeleteKeyResponse contains all attributes of the delete key operation that
// are relevant to the caller. The trailing field comments give the TTLV type
// and length together with a sample value.
type DeleteKeyResponse struct {
	TimeStamp    time.Time // (DateTime/8): 2021-10-11 17:53:05 +0000 UTC
	ResultStatus int       // (Enumeration/4): Success
}

type DestroyKeyRequest

// DestroyKeyRequest contains all attributes of a caller request to destroy a
// KMIP key: the unique identifier of the key and the operation code.
type DestroyKeyRequest struct {
	UniqueIdentifier string
	Operation        kmip14.Operation
}

type DestroyKeyResponse

// DestroyKeyResponse contains all attributes of the destroy key operation
// that are relevant to the caller.
type DestroyKeyResponse struct {
	UniqueIdentifier string
}

type DiscoverRequest

// DiscoverRequest carries the list of protocol versions the client offers in
// a discover operation.
type DiscoverRequest struct {
	ClientVersions []kmip.ProtocolVersion
}

Discover: The response payload contains a list of protocol versions that are supported by the server. The protocol versions are ranked in decreasing order of preference. If the client provides the server with a list of supported protocol versions in the request payload, the server SHALL return only the protocol versions that are supported by both the client and server. The server SHOULD list all the protocol versions supported by both client and server. If the protocol version specified in the request header is not specified in the request payload and the server does not support any protocol version specified in the request payload, the server SHALL return an empty list in the response payload. If no protocol versions are specified in the request payload, the server SHOULD return all the protocol versions that are supported by the server.

type DiscoverResponse

// DiscoverResponse carries the list of protocol versions returned by a
// discover operation.
// NOTE(review): the list comes from the server; whether it is checked
// against the package's Min/Max supported version constants before use is
// not visible here — confirm.
type DiscoverResponse struct {
	SupportedVersions []kmip.ProtocolVersion
}

type GetAttributeRequest added in v1.0.0

// GetAttributeRequest contains all attributes of a caller request to get an
// attribute of a managed object: the object's unique identifier and the
// attribute name.
type GetAttributeRequest struct {
	UniqueIdentifier string
	AttributeName    string
}

type GetAttributeResponse added in v1.0.0

// GetAttributeResponse contains all attributes of the get attribute
// operation that are relevant to the caller.
type GetAttributeResponse struct {
	UniqueIdentifier string
	Attribute        string
}

type GetKeyRequest

// GetKeyRequest contains all attributes of a caller request to get a KMIP
// key: the unique identifier of the key and the operation code.
type GetKeyRequest struct {
	UniqueIdentifier string
	Operation        kmip14.Operation
}

type GetKeyResponse

// GetKeyResponse contains all attributes of the get key operation that are
// relevant to the caller.
// NOTE(review): KeyValue is a *string. Go strings are immutable, so the
// value cannot be overwritten in place, and ZeroizeMemory accepts only
// []byte — confirm how callers clear retrieved key material.
type GetKeyResponse struct {
	Type             kmip14.ObjectType
	UniqueIdentifier string
	KeyValue         *string
}

type KMIPOperations

func NewKMIPInterface

func NewKMIPInterface(service string, configparams map[string]string) (KMIPOperations, error)

NewKMIPInterface: Returns the specific implementation of the KMIP service interface for the given service

type LocateRequest

// LocateRequest contains all attributes of a caller request to locate a KMIP
// object: a name and up to two attribute name/value pairs.
type LocateRequest struct {
	Name         string
	AttribName1  string
	AttribValue1 string
	AttribName2  string
	AttribValue2 string
	Operation    kmip14.Operation
}

type LocateResponse

// LocateResponse contains all attributes of the locate operation that are
// relevant to the caller.
type LocateResponse struct {
	UniqueIdentifier string
}

type QueryRequest

// QueryRequest contains all attributes of a caller request for a query: the
// list of query functions and an id.
type QueryRequest struct {
	QueryFunction []kmip14.QueryFunction
	Id            string
}

type QueryResponse

// QueryResponse contains all attributes of the query response operation that
// are relevant to the caller. The first three fields carry json tags with
// omitempty; CapabilityInformation has no tag and is an untyped interface{}.
type QueryResponse struct {
	Operation             []kmip14.Operation  `json:"Operation,omitempty"`
	ObjectType            []kmip14.ObjectType `json:"Object Type,omitempty"`
	VendorIdentification  string              `json:"Vendor Identification,omitempty"`
	CapabilityInformation interface{}
}

type ReKeyRequest

// ReKeyRequest contains all attributes of a caller request for a new KMIP
// key for an existing unique identifier.
type ReKeyRequest struct {
	UniqueIdentifier string
}

type ReKeyResponse

// ReKeyResponse contains all attributes of the rekey operation that are
// relevant to the caller.
type ReKeyResponse struct {
	UniqueIdentifier string
}

type RegisterRequest

// RegisterRequest contains all attributes of a caller request to register a
// KMIP key: the key material and its format, up to four attribute name/value
// pairs, and the object's type, name, algorithm, length, and usage mask.
// NOTE(review): KeyMaterial is a string. Go strings are immutable, so the
// value cannot be overwritten in place, and ZeroizeMemory accepts only
// []byte — confirm how key material is cleared after the request is sent.
type RegisterRequest struct {
	Id                     string
	KeyMaterial            string
	KeyFormat              string
	DataType               string
	ObjGrp                 string
	AttribName1            string
	AttribValue1           string
	AttribName2            string
	AttribValue2           string
	AttribName3            string
	AttribValue3           string
	AttribName4            string
	AttribValue4           string
	Type                   string
	Name                   string
	Algorithm              kmip14.CryptographicAlgorithm
	CryptographicLength    uint32
	CryptographicUsageMask uint32
}

type RegisterResponse

// RegisterResponse contains all attributes of the register operation that
// are relevant to the caller.
type RegisterResponse struct {
	UniqueIdentifier string
}

type RevokeKeyRequest

// RevokeKeyRequest contains all attributes of a caller request to revoke a
// KMIP key: the unique identifier, a numeric revocation reason, and an
// optional compromise date.
// NOTE(review): RevocationReason is a bare uint32; presumably a KMIP
// revocation reason code — confirm the accepted values at the call site.
type RevokeKeyRequest struct {
	UniqueIdentifier string
	RevocationReason uint32
	CompromiseDate   time.Time // optional
	Operation        kmip14.Operation
}

type RevokeKeyResponse

// RevokeKeyResponse contains all attributes of the revoke key operation that
// are relevant to the caller.
type RevokeKeyResponse struct {
	UniqueIdentifier string
}

type RevokeNullStruct added in v1.1.0

// RevokeNullStruct holds only a revocation reason, which the field comment
// marks as required.
// NOTE(review): it carries no unique identifier; presumably a revoke payload
// for batched requests that act on a previously returned identifier —
// confirm at its use sites.
type RevokeNullStruct struct {
	RevocationReason kmip.RevocationReasonStruct // Required: Yes
}

type SetAttributeRequest

// SetAttributeRequest contains all attributes of a caller request to set an
// attribute on a managed object: the object's unique identifier and the
// attribute name and value.
type SetAttributeRequest struct {
	UniqueIdentifier string
	AttributeName    string
	AttributeValue   string
}

type SetAttributeResponse

// SetAttributeResponse contains all attributes of the set attribute
// operation that are relevant to the caller.
type SetAttributeResponse struct {
	UniqueIdentifier string
	AttributeName    string
	AttributeValue   string
}
