Documentation ¶
Index ¶
- Constants
- func ActivateKey(ctx context.Context, settings *ConfigurationSettings, uid string) (string, error)
- func BatchCmdAddItem(ctx context.Context, BatchList []kmip.RequestBatchItem, ...) ([]kmip.RequestBatchItem, []byte, error)
- func BatchCmdCreateList() []kmip.RequestBatchItem
- func BatchCmdGenerateMessage(ctx context.Context, settings *ConfigurationSettings, ...) (kmip.RequestMessage, error)
- func CloseSession(ctx context.Context, settings *ConfigurationSettings) error
- func CreateKey(ctx context.Context, settings *ConfigurationSettings, id string) (string, error)
- func DestroyKey(ctx context.Context, settings *ConfigurationSettings, uid string) (string, error)
- func DiscoverServer(ctx context.Context, settings *ConfigurationSettings, ...) ([]kmip.ProtocolVersion, error)
- func GetAttribute(ctx context.Context, settings *ConfigurationSettings, uid string, ...) (string, error)
- func GetCommand(line string) string
- func GetKey(ctx context.Context, settings *ConfigurationSettings, uid string) (key *string, err error)
- func GetValue(line, key string) string
- func LocateUid(ctx context.Context, settings *ConfigurationSettings, id string, ...) (string, error)
- func OpenSession(ctx context.Context, settings *ConfigurationSettings) error
- func QueryServer(ctx context.Context, settings *ConfigurationSettings, ...) (string, error)
- func ReKey(ctx context.Context, settings *ConfigurationSettings, uid string) (string, error)
- func RegisterKey(ctx context.Context, settings *ConfigurationSettings, keymaterial string, ...) (string, error)
- func Restore(ctx context.Context, settings *ConfigurationSettings, filename string) (err error)
- func RevokeKey(ctx context.Context, settings *ConfigurationSettings, uid string, ...) (string, error)
- func SendRequestMessage(ctx context.Context, settings *ConfigurationSettings, operation uint32, ...) (*ttlv.Decoder, *kmip.ResponseBatchItem, error)
- func SetAttribute(ctx context.Context, settings *ConfigurationSettings, ...) (string, error)
- func SetValue(key, value string)
- func Store(ctx context.Context, settings *ConfigurationSettings) (err error)
- func ZeroizeMemory(data []byte)
- type ActivateKeyRequest
- type ActivateKeyResponse
- type BatchListItem
- type ConfigurationSettings
- type CreateKeyRequest
- type CreateKeyResponse
- type CreateNullStruct
- type DeleteKeyRequest
- type DeleteKeyResponse
- type DestroyKeyRequest
- type DestroyKeyResponse
- type DiscoverRequest
- type DiscoverResponse
- type GetAttributeRequest
- type GetAttributeResponse
- type GetKeyRequest
- type GetKeyResponse
- type KMIPOperations
- type LocateRequest
- type LocateResponse
- type QueryRequest
- type QueryResponse
- type ReKeyRequest
- type ReKeyResponse
- type RegisterRequest
- type RegisterResponse
- type RevokeKeyRequest
- type RevokeKeyResponse
- type RevokeNullStruct
- type SetAttributeRequest
- type SetAttributeResponse
Constants ¶
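// Bounds of the KMIP protocol versions supported: the minimum is 1.4 and the
// maximum is 2.0, each expressed as a separate major and minor number.
const (
	MaxSupportedProtocolVersionMajor int = 2
	MaxSupportedProtocolVersionMinor int = 0
	MinSupportedProtocolVersionMajor int = 1
	MinSupportedProtocolVersionMinor int = 4
)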
Protocol
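// Query function selectors, kept as decimal strings.
// NOTE(review): presumably these match the KMIP Query Function enumeration
// (1 = Query Operations, 3 = Query Server Information) — confirm.
const (
	QueryOpsOperation  = "1"
	QueryOpsServerInfo = "3"
)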
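// Service strings naming the supported KMIP interfaces.
const (
	KMIP14Service string = "kmip14"
	KMIP20Service string = "kmip20"
)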
Supported interfaces
// DefaultBufferSize is the default buffer size.
// NOTE(review): presumably a byte count for message buffers — confirm.
const DefaultBufferSize = 4096
// LastUID is the string "lastuid".
// NOTE(review): presumably the key under which the most recent UID is kept
// in the SetValue/GetValue table — confirm.
const LastUID = "lastuid"
Variables ¶
This section is empty.
Functions ¶
func ActivateKey ¶
ActivateKey: Activate a key created using a unique identifier
func BatchCmdAddItem ¶ added in v1.1.0
func BatchCmdCreateList ¶ added in v1.1.0
func BatchCmdCreateList() []kmip.RequestBatchItem
func BatchCmdGenerateMessage ¶ added in v1.1.0
func BatchCmdGenerateMessage(ctx context.Context, settings *ConfigurationSettings, payload []kmip.RequestBatchItem) (kmip.RequestMessage, error)
func CloseSession ¶
func CloseSession(ctx context.Context, settings *ConfigurationSettings) error
CloseSession: Close the TLS connection with the KMS Server
func DestroyKey ¶
DestroyKey: destroy a key based on UID
func DiscoverServer ¶
func DiscoverServer(ctx context.Context, settings *ConfigurationSettings, clientVersions []kmip.ProtocolVersion) ([]kmip.ProtocolVersion, error)
DiscoverServer: Perform a Discover operation to retrieve the KMIP protocol versions supported by the server.
func GetAttribute ¶ added in v1.0.0
func GetAttribute(ctx context.Context, settings *ConfigurationSettings, uid string, attribname1 string) (string, error)
GetAttribute: Retrieve the value of an attribute for a UID
func GetCommand ¶ added in v0.3.1
GetCommand: returns the first string from a command line, separated by spaces
func GetKey ¶
func GetKey(ctx context.Context, settings *ConfigurationSettings, uid string) (key *string, err error)
GetKey: Retrieve a key for a specified UID
func LocateUid ¶
func LocateUid(ctx context.Context, settings *ConfigurationSettings, id string, attribname1 string, attribvalue1 string, attribname2 string, attribvalue2 string) (string, error)
LocateUid: retrieve a UID for an ID
func OpenSession ¶
func OpenSession(ctx context.Context, settings *ConfigurationSettings) error
OpenSession: Read PEM files and establish a TLS connection with the KMS server
func QueryServer ¶
func QueryServer(ctx context.Context, settings *ConfigurationSettings, queryops []kmip14.QueryFunction) (string, error)
QueryServer: Perform a query operation.
func RegisterKey ¶ added in v1.0.0
func RegisterKey(ctx context.Context, settings *ConfigurationSettings, keymaterial string, keyformat string, datatype string, objgrp string, attribname1 string, attribvalue1 string, attribname2 string, attribvalue2 string, attribname3 string, attribvalue3 string, attribname4 string, attribvalue4 string, objtype string, name string) (string, error)
RegisterKey: Register a key
func Restore ¶ added in v0.3.1
func Restore(ctx context.Context, settings *ConfigurationSettings, filename string) (err error)
Restore: Read all configuration settings from a JSON file
func RevokeKey ¶
func RevokeKey(ctx context.Context, settings *ConfigurationSettings, uid string, reason uint32) (string, error)
RevokeKey: revoke a key based on UID
func SendRequestMessage ¶
func SendRequestMessage(ctx context.Context, settings *ConfigurationSettings, operation uint32, payload interface{}, dobatch bool) (*ttlv.Decoder, *kmip.ResponseBatchItem, error)
SendRequestMessage: Send a KMIP request message
func SetAttribute ¶ added in v0.3.2
func SetAttribute(ctx context.Context, settings *ConfigurationSettings, uid, attributeName, attributeValue string) (string, error)
SetAttribute: Set an attribute name and value for a UID
func SetValue ¶ added in v1.0.0
func SetValue(key, value string)
SetValue: store a value in a global table to be used with script variables ${variable}
func Store ¶ added in v0.3.1
func Store(ctx context.Context, settings *ConfigurationSettings) (err error)
Store: Save all configuration settings to a JSON file
func ZeroizeMemory ¶ added in v1.1.1
func ZeroizeMemory(data []byte)
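ZeroizeMemory: Write '0' over the bytes of data. Only the slice passed in is cleared; key material held in a Go string (GetKey returns *string, RegisterKey takes keymaterial as a string) is immutable and cannot be wiped this way.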
Types ¶
type ActivateKeyRequest ¶
type ActivateKeyResponse ¶
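// ActivateKeyResponse contains all attributes of the Activate key operation
// that are relevant to the caller.
type ActivateKeyResponse struct {
	UniqueIdentifier string
}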
type BatchListItem ¶ added in v1.1.0
type ConfigurationSettings ¶ added in v0.3.1
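// ConfigurationSettings holds the client configuration: the KMS server
// address, the PEM files used for the TLS connection, the KMIP protocol
// version in use, and the live connection. Every field carries a JSON tag.
type ConfigurationSettings struct {
	SaveSettingsToFile bool   `json:"save_settings_to_file"` // Save the configuration settings to a file
	SettingsFile       string `json:"settings_file"`         // Configuration settings storage file
	KmsServerName      string `json:"kms_server_name"`       // KMS server name for informational purposes
	KmsServerIp        string `json:"kms_server_ip"`         // KMS server IP address
	KmsServerPort      string `json:"kms_server_port"`       // KMS server port, typically 5696
	CertAuthFile       string `json:"cert_auth_file"`        // Client certificate authority PEM file
	KeyFile            string `json:"key_file"`              // Client private key PEM file
	CertFile           string `json:"cert_file"`             // Client certificate PEM file

	// The TLS connection object returned from Dial.
	// NOTE(review): tls.Conn exports no fields, so encoding/json writes a
	// non-nil Connection as an empty object and, on decode, allocates a
	// zero-value Conn instead of leaving this pointer nil. If Store/Restore
	// use encoding/json on this struct, consider `json:"-"` so a restored
	// configuration never carries a non-nil but unusable connection — confirm.
	Connection *tls.Conn `json:"connection"`

	ProtocolVersionMajor int    `json:"protocol_version_major"` // Major version, 1, 2, or 3
	ProtocolVersionMinor int    `json:"protocol_version_minor"` // Minor version for 1.4 or 2.0
	ServiceType          string `json:"service_type"`           // The KMIP version service string, kmip14, kmip20, etc
	ShowElapsed          bool   `json:"show_elapsed"`           // Display the elapsed time for each command executed.
}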
type CreateKeyRequest ¶
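// CreateKeyRequest contains all attributes of a caller request to create a
// KMIP key. It defines whether this is a certificate or a key, and the
// algorithm, length, and usage mask.
type CreateKeyRequest struct {
	Id                     string
	Type                   kmip14.ObjectType
	Algorithm              kmip14.CryptographicAlgorithm
	CryptographicLength    uint32
	CryptographicUsageMask uint32
	Operation              kmip14.Operation
}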
type CreateKeyResponse ¶
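// CreateKeyResponse contains all attributes of the newly created key that
// are relevant to the caller. The trailing comments give the KMIP type and
// length of each field followed by a sample value.
type CreateKeyResponse struct {
	Key               string
	TimeStamp         time.Time // (DateTime/8): 2021-10-11 17:53:05 +0000 UTC
	BatchCount        int       // (Integer/4): 1
	Operation         int       // (Enumeration/4): Create
	UniqueBatchItemID []byte    // (ByteString/16): 0x44ce32c10ee5421bb8e0eb6892dfeccb
	ResultStatus      int       // (Enumeration/4): Success
	ObjectType        int       // (Enumeration/4): SymmetricKey
	UniqueIdentifier  string    // (TextString/1): 7
}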
type CreateNullStruct ¶ added in v1.1.0
// CreateNullStruct is a struct with no fields.
// NOTE(review): presumably used as an empty payload placeholder — confirm.
type CreateNullStruct struct{}
type DeleteKeyRequest ¶
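// DeleteKeyRequest contains all attributes of a caller request to delete a
// KMIP key.
type DeleteKeyRequest struct {
	Type      kmip14.ObjectType
	Operation kmip14.Operation
}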
type DeleteKeyResponse ¶
type DestroyKeyRequest ¶
type DestroyKeyResponse ¶
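// DestroyKeyResponse contains all attributes of the destroy key operation
// that are relevant to the caller.
type DestroyKeyResponse struct {
	UniqueIdentifier string
}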
type DiscoverRequest ¶
// DiscoverRequest carries the protocol versions the client offers in a
// Discover operation.
type DiscoverRequest struct {
	// ClientVersions is the client's list of protocol versions.
	ClientVersions []kmip.ProtocolVersion
}
Discover: The response payload contains a list of protocol versions that are supported by the server. The protocol versions are ranked in decreasing order of preference. If the client provides the server with a list of supported protocol versions in the request payload, the server SHALL return only the protocol versions that are supported by both the client and server. The server SHOULD list all the protocol versions supported by both client and server. If the protocol version specified in the request header is not specified in the request payload and the server does not support any protocol version specified in the request payload, the server SHALL return an empty list in the response payload. If no protocol versions are specified in the request payload, the server SHOULD return all the protocol versions that are supported by the server.
type DiscoverResponse ¶
// DiscoverResponse carries the protocol versions reported back by a
// Discover operation.
type DiscoverResponse struct {
	// SupportedVersions is the list of supported protocol versions.
	SupportedVersions []kmip.ProtocolVersion
}
type GetAttributeRequest ¶ added in v1.0.0
type GetAttributeResponse ¶ added in v1.0.0
type GetKeyRequest ¶
type GetKeyResponse ¶
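// GetKeyResponse contains all attributes of the get key operation that are
// relevant to the caller.
type GetKeyResponse struct {
	Type             kmip14.ObjectType
	UniqueIdentifier string

	// NOTE(review): presumably the retrieved key material — confirm. It is
	// held in a Go string, which is immutable, so it cannot be cleared with
	// ZeroizeMemory (which takes a []byte); callers should keep its lifetime
	// short and avoid logging it.
	KeyValue *string
}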
type KMIPOperations ¶
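// KMIPOperations is the set of operations a KMIP service implementation
// provides. Every method takes a context and the ConfigurationSettings.
type KMIPOperations interface {
	// Key lifecycle and server operations: each takes a typed request and
	// returns the matching typed response or an error.
	CreateKey(context.Context, *ConfigurationSettings, *CreateKeyRequest) (*CreateKeyResponse, error)
	GetKey(context.Context, *ConfigurationSettings, *GetKeyRequest) (*GetKeyResponse, error)
	DestroyKey(context.Context, *ConfigurationSettings, *DestroyKeyRequest) (*DestroyKeyResponse, error)
	ActivateKey(context.Context, *ConfigurationSettings, *ActivateKeyRequest) (*ActivateKeyResponse, error)
	RevokeKey(context.Context, *ConfigurationSettings, *RevokeKeyRequest) (*RevokeKeyResponse, error)
	Register(context.Context, *ConfigurationSettings, *RegisterRequest) (*RegisterResponse, error)
	Locate(context.Context, *ConfigurationSettings, *LocateRequest) (*LocateResponse, error)
	Query(context.Context, *ConfigurationSettings, *QueryRequest) (*QueryResponse, error)
	SetAttribute(context.Context, *ConfigurationSettings, *SetAttributeRequest) (*SetAttributeResponse, error)
	Discover(context.Context, *ConfigurationSettings, *DiscoverRequest) (*DiscoverResponse, error)
	ReKey(context.Context, *ConfigurationSettings, *ReKeyRequest) (*ReKeyResponse, error)
	GetAttribute(context.Context, *ConfigurationSettings, *GetAttributeRequest) (*GetAttributeResponse, error)

	// Payload builders: they return an untyped payload and no error.
	GenerateCreateKeyPayload(context.Context, *ConfigurationSettings, *CreateKeyRequest) interface{}
	GenerateLocatePayload(context.Context, *ConfigurationSettings, *LocateRequest) interface{}
}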
func NewKMIPInterface ¶
func NewKMIPInterface(service string, configparams map[string]string) (KMIPOperations, error)
NewKMIPInterface: Return the implementation of the KMIP service interface for the given service
type LocateRequest ¶
type LocateResponse ¶
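// LocateResponse contains all attributes of the locate operation that are
// relevant to the caller.
type LocateResponse struct {
	UniqueIdentifier string
}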
type QueryRequest ¶
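// QueryRequest contains all attributes of a caller request for a query.
type QueryRequest struct {
	QueryFunction []kmip14.QueryFunction
	Id            string
}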
type QueryResponse ¶
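// QueryResponse contains all attributes of the query response operation
// that are relevant to the caller.
type QueryResponse struct {
	Operation             []kmip14.Operation  `json:"Operation,omitempty"`
	ObjectType            []kmip14.ObjectType `json:"Object Type,omitempty"`
	VendorIdentification  string              `json:"Vendor Identification,omitempty"`
	CapabilityInformation interface{}
}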
type ReKeyRequest ¶
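// ReKeyRequest contains all attributes of a caller request for a new KMIP
// key.
type ReKeyRequest struct {
	UniqueIdentifier string
}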
type ReKeyResponse ¶
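// ReKeyResponse contains all attributes of the rekey operation that are
// relevant to the caller.
type ReKeyResponse struct {
	UniqueIdentifier string
}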
type RegisterRequest ¶
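// RegisterRequest contains all attributes of a caller request to register a
// KMIP key.
type RegisterRequest struct {
	Id string

	// NOTE(review): KeyMaterial is a Go string, which is immutable, so it
	// cannot be cleared with ZeroizeMemory (which takes a []byte) — confirm
	// how callers bound the lifetime of the value they pass in.
	KeyMaterial string
	KeyFormat   string
	DataType    string
	ObjGrp      string

	// Up to four attribute name/value pairs.
	AttribName1  string
	AttribValue1 string
	AttribName2  string
	AttribValue2 string
	AttribName3  string
	AttribValue3 string
	AttribName4  string
	AttribValue4 string

	Type                   string
	Name                   string
	Algorithm              kmip14.CryptographicAlgorithm
	CryptographicLength    uint32
	CryptographicUsageMask uint32
}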
type RegisterResponse ¶
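// RegisterResponse contains all attributes of the register operation that
// are relevant to the caller.
type RegisterResponse struct {
	UniqueIdentifier string
}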
type RevokeKeyRequest ¶
type RevokeKeyResponse ¶
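// RevokeKeyResponse contains all attributes of the revoke key operation
// that are relevant to the caller.
type RevokeKeyResponse struct {
	UniqueIdentifier string
}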
type RevokeNullStruct ¶ added in v1.1.0
// RevokeNullStruct holds only the revocation reason.
type RevokeNullStruct struct {
	// Required: Yes
	RevocationReason kmip.RevocationReasonStruct
}