backend

package

v0.0.0-...-4386be4 Latest Latest Go to latest Published: Feb 15, 2025 License: MIT Imports: 23 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/foxboron/sbctl

Documentation ¶

Index ¶

Variables
type BackendType
- func GetBackendType(b []byte) (BackendType, error)
type FileKey
type KeyBackend
- func GetKeyBackend(state *config.State, k hierarchy.Hierarchy) (KeyBackend, error)
- func InitBackendFromKeys(state *config.State, priv, pem []byte, hier hierarchy.Hierarchy) (KeyBackend, error)
type KeyHierarchy
type TPMKey

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrAlreadySigned = errors.New("already signed file")
)

View Source

var RSAKeySize = 4096

Functions ¶

This section is empty.

Types ¶

type BackendType ¶

type BackendType string

const (
	FileBackend    BackendType = "file"
	YubikeyBackend BackendType = "yubikey"
	TPMBackend     BackendType = "tpm"
)

func GetBackendType ¶

func GetBackendType(b []byte) (BackendType, error)

type FileKey ¶

type FileKey struct {
	// contains filtered or unexported fields
}

func FileKeyFromBytes ¶

func FileKeyFromBytes(keyb, pemb []byte) (*FileKey, error)

func NewFileKey ¶

func NewFileKey(_ hierarchy.Hierarchy, desc string) (*FileKey, error)

func ReadFileKey ¶

func ReadFileKey(vfs afero.Fs, dir string, hier hierarchy.Hierarchy) (*FileKey, error)

func (*FileKey) Certificate ¶

func (f *FileKey) Certificate() *x509.Certificate

func (*FileKey) CertificateBytes ¶

func (f *FileKey) CertificateBytes() []byte

func (*FileKey) Description ¶

func (f *FileKey) Description() string

func (*FileKey) PrivateKeyBytes ¶

func (f *FileKey) PrivateKeyBytes() []byte

func (*FileKey) Signer ¶

func (f *FileKey) Signer() crypto.Signer

func (*FileKey) Type ¶

func (f *FileKey) Type() BackendType

type KeyBackend ¶

type KeyBackend interface {
	CertificateBytes() []byte
	PrivateKeyBytes() []byte
	Signer() crypto.Signer
	Certificate() *x509.Certificate
	Type() BackendType
	Description() string
}

func GetKeyBackend ¶

func GetKeyBackend(state *config.State, k hierarchy.Hierarchy) (KeyBackend, error)

func InitBackendFromKeys ¶

func InitBackendFromKeys(state *config.State, priv, pem []byte, hier hierarchy.Hierarchy) (KeyBackend, error)

type KeyHierarchy ¶

type KeyHierarchy struct {
	PK  KeyBackend
	KEK KeyBackend
	Db  KeyBackend
	// contains filtered or unexported fields
}

func CreateKeys ¶

func CreateKeys(state *config.State) (*KeyHierarchy, error)

func GetKeyHierarchy ¶

func GetKeyHierarchy(vfs afero.Fs, state *config.State) (*KeyHierarchy, error)

func ImportKeys ¶

func ImportKeys(keydir string) (*KeyHierarchy, error)

TODO: fix this

func NewKeyHierarchy ¶

func NewKeyHierarchy(state *config.State) *KeyHierarchy

func (*KeyHierarchy) GetConfig ¶

func (k *KeyHierarchy) GetConfig(keydir string) *config.Keys

func (*KeyHierarchy) GetKeyBackend ¶

func (k *KeyHierarchy) GetKeyBackend(e efivar.Efivar) KeyBackend

func (*KeyHierarchy) RotateKey ¶

func (k *KeyHierarchy) RotateKey(hier hierarchy.Hierarchy) error

func (*KeyHierarchy) RotateKeyWithBackend ¶

func (k *KeyHierarchy) RotateKeyWithBackend(hier hierarchy.Hierarchy, backend BackendType) error

func (*KeyHierarchy) RotateKeys ¶

func (k *KeyHierarchy) RotateKeys() error

func (*KeyHierarchy) SaveKey ¶

func (k *KeyHierarchy) SaveKey(vfs afero.Fs, hier hierarchy.Hierarchy, keydir string) error

func (*KeyHierarchy) SaveKeys ¶

func (k *KeyHierarchy) SaveKeys(fs afero.Fs, keydir string) error

func (*KeyHierarchy) SignFile ¶

func (k *KeyHierarchy) SignFile(hier hierarchy.Hierarchy, peBinary *authenticode.PECOFFBinary) ([]byte, error)

func (*KeyHierarchy) VerifyFile ¶

func (k *KeyHierarchy) VerifyFile(hier hierarchy.Hierarchy, r io.ReaderAt) (bool, error)

type TPMKey ¶

type TPMKey struct {
	*keyfile.TPMKey
	// contains filtered or unexported fields
}

func NewTPMKey ¶

func NewTPMKey(tpmcb func() transport.TPMCloser, desc string) (*TPMKey, error)

func ReadTPMKey ¶

func ReadTPMKey(vfs afero.Fs, tpmcb func() transport.TPMCloser, dir string, hier hierarchy.Hierarchy) (*TPMKey, error)

func TPMKeyFromBytes ¶

func TPMKeyFromBytes(tpmcb func() transport.TPMCloser, keyb, pemb []byte) (*TPMKey, error)

func (*TPMKey) Certificate ¶

func (t *TPMKey) Certificate() *x509.Certificate

func (*TPMKey) CertificateBytes ¶

func (t *TPMKey) CertificateBytes() []byte

func (*TPMKey) Description ¶

func (t *TPMKey) Description() string

func (*TPMKey) PrivateKeyBytes ¶

func (t *TPMKey) PrivateKeyBytes() []byte

func (*TPMKey) Signer ¶

func (t *TPMKey) Signer() crypto.Signer

func (*TPMKey) Type ¶

func (t *TPMKey) Type() BackendType

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL