Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ContextHandle

type ContextHandle struct {
	// contains filtered or unexported fields
}

ContextHandle encapsulates basic mPkcs11.Ctx operations and manages sessions.

func LoadContextAndLogin

func LoadContextAndLogin(lib, pin, label string) (*ContextHandle, error)

LoadContextAndLogin loads the context handle and performs login.

func LoadPKCS11ContextHandle

func LoadPKCS11ContextHandle(lib, label, pin string, opts ...Options) (*ContextHandle, error)

LoadPKCS11ContextHandle loads a PKCS11 context handler instance from the underlying cache.

func ReloadPKCS11ContextHandle

func ReloadPKCS11ContextHandle(lib, label, pin string, opts ...Options) (*ContextHandle, error)

ReloadPKCS11ContextHandle deletes the PKCS11 instance from the underlying cache and loads a new PKCS11 context handler into the cache.

func (*ContextHandle) CloseSession

func (handle *ContextHandle) CloseSession(session mPkcs11.SessionHandle) error

CloseSession closes the session handle and clears its cache entry.

func (*ContextHandle) CopyObject

CopyObject creates a copy of an object.

func (*ContextHandle) CreateObject

func (handle *ContextHandle) CreateObject(session mPkcs11.SessionHandle, temp []*mPkcs11.Attribute) (mPkcs11.ObjectHandle, error)

CreateObject creates a new object.

func (*ContextHandle) Decrypt

func (handle *ContextHandle) Decrypt(session mPkcs11.SessionHandle, cypher []byte) ([]byte, error)

Decrypt decrypts encrypted data in a single part.

func (*ContextHandle) DecryptInit

func (handle *ContextHandle) DecryptInit(session mPkcs11.SessionHandle, m []*mPkcs11.Mechanism, o mPkcs11.ObjectHandle) error

DecryptInit initializes a decryption operation.

func (*ContextHandle) DestroyObject

func (handle *ContextHandle) DestroyObject(sh mPkcs11.SessionHandle, oh mPkcs11.ObjectHandle) error

DestroyObject destroys an object.

func (*ContextHandle) Encrypt

func (handle *ContextHandle) Encrypt(session mPkcs11.SessionHandle, message []byte) ([]byte, error)

Encrypt encrypts single-part data.

func (*ContextHandle) EncryptInit

func (handle *ContextHandle) EncryptInit(session mPkcs11.SessionHandle, m []*mPkcs11.Mechanism, o mPkcs11.ObjectHandle) error

EncryptInit initializes an encryption operation.

func (*ContextHandle) FindKeyPairFromSKI

func (handle *ContextHandle) FindKeyPairFromSKI(session mPkcs11.SessionHandle, ski []byte, keyType bool) (*mPkcs11.ObjectHandle, error)

FindKeyPairFromSKI finds a key pair by SKI.

func (*ContextHandle) FindObjects

func (handle *ContextHandle) FindObjects(session mPkcs11.SessionHandle, max int) ([]mPkcs11.ObjectHandle, bool, error)

FindObjects continues a search for token and session objects that match a template, obtaining additional object handles. The returned boolean indicates if the list would have been larger than max.

func (*ContextHandle) FindObjectsFinal

func (handle *ContextHandle) FindObjectsFinal(session mPkcs11.SessionHandle) error

FindObjectsFinal finishes a search for token and session objects.

func (*ContextHandle) FindObjectsInit

func (handle *ContextHandle) FindObjectsInit(session mPkcs11.SessionHandle, temp []*mPkcs11.Attribute) error

FindObjectsInit initializes a search for token and session objects that match a template.

func (*ContextHandle) GenerateKey

func (handle *ContextHandle) GenerateKey(session mPkcs11.SessionHandle, m []*mPkcs11.Mechanism, temp []*mPkcs11.Attribute) (mPkcs11.ObjectHandle, error)

GenerateKey generates a secret key, creating a new key object.

func (*ContextHandle) GenerateKeyPair

func (handle *ContextHandle) GenerateKeyPair(session mPkcs11.SessionHandle, m []*mPkcs11.Mechanism, public, private []*mPkcs11.Attribute) (mPkcs11.ObjectHandle, mPkcs11.ObjectHandle, error)

GenerateKeyPair generates a public-key/private-key pair, creating new key objects.

func (*ContextHandle) GetAttributeValue

func (handle *ContextHandle) GetAttributeValue(session mPkcs11.SessionHandle, objectHandle mPkcs11.ObjectHandle, attrs []*mPkcs11.Attribute) ([]*mPkcs11.Attribute, error)

GetAttributeValue obtains the value of one or more object attributes.

func (*ContextHandle) GetSession

func (handle *ContextHandle) GetSession() (session mPkcs11.SessionHandle)

GetSession returns a session from the session pool. If the pool is empty or completely in use, it creates a new session. If the new session is invalid, it recreates one after reloading the ctx and logging in again.

func (*ContextHandle) Login

func (handle *ContextHandle) Login(session mPkcs11.SessionHandle) error

Login logs a user into a token.

func (*ContextHandle) NotifyCtxReload

func (handle *ContextHandle) NotifyCtxReload(ch chan struct{})

NotifyCtxReload registers a channel that is notified when the underlying mPkcs11.Ctx is recreated.

func (*ContextHandle) OpenSession

func (handle *ContextHandle) OpenSession() (mPkcs11.SessionHandle, error)

OpenSession opens a session between an application and a token.

func (*ContextHandle) ReturnSession

func (handle *ContextHandle) ReturnSession(session mPkcs11.SessionHandle)

ReturnSession returns the session to the session pool. If the pool is full or the session is invalid, it discards the session.

func (*ContextHandle) SetAttributeValue

func (handle *ContextHandle) SetAttributeValue(session mPkcs11.SessionHandle, objectHandle mPkcs11.ObjectHandle, attrs []*mPkcs11.Attribute) error

SetAttributeValue modifies the value of one or more object attributes.

func (*ContextHandle) Sign

func (handle *ContextHandle) Sign(session mPkcs11.SessionHandle, message []byte) ([]byte, error)

Sign signs (encrypts with private key) data in a single part, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.

func (*ContextHandle) SignInit

func (handle *ContextHandle) SignInit(session mPkcs11.SessionHandle, m []*mPkcs11.Mechanism, o mPkcs11.ObjectHandle) error

SignInit initializes a signature (private key encryption) operation, where the signature is (will be) an appendix to the data, and plaintext cannot be recovered from the signature.

func (*ContextHandle) Verify

func (handle *ContextHandle) Verify(session mPkcs11.SessionHandle, data []byte, signature []byte) error

Verify verifies a signature in a single-part operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature.

func (*ContextHandle) VerifyInit

func (handle *ContextHandle) VerifyInit(session mPkcs11.SessionHandle, m []*mPkcs11.Mechanism, key mPkcs11.ObjectHandle) error

VerifyInit initializes a verification operation, where the signature is an appendix to the data, and plaintext cannot be recovered from the signature (e.g. DSA).

type Options

type Options func(opts *ctxOpts)

Options for the PKCS11 ContextHandle.

func WithConnectionName

func WithConnectionName(name string) Options

WithConnectionName sets the name of the connection, to avoid collision with other connection instances in the cache under the same label and lib.

func WithOpenSessionRetry

func WithOpenSessionRetry(count int) Options

WithOpenSessionRetry sets the number of retries for the open-session logic.

func WithSessionCacheSize

func WithSessionCacheSize(size int) Options

WithSessionCacheSize sets the size of the session cache pool.
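
The pooling contract that GetSession, ReturnSession and WithSessionCacheSize describe, as an added example that is not the package's own code: a self-contained model in which SessionHandle, pool, newPool and Live are hypothetical stand-ins, and the invalid-session reload path is left out. It shows that sessions returned beyond the cache size are closed, while sessions that are never returned stay open on the token.

```go
package main

import "fmt"

// SessionHandle stands in for mPkcs11.SessionHandle (assumption: an opaque id).
type SessionHandle uint

// pool is a hypothetical model of the documented behaviour.
type pool struct {
	idle   chan SessionHandle // bounded cache, sized as WithSessionCacheSize would
	next   SessionHandle      // last id handed out by the simulated token
	opened int                // sessions opened on the token
	closed int                // sessions discarded because the cache was full
}

func newPool(size int) *pool { return &pool{idle: make(chan SessionHandle, size)} }

// GetSession reuses an idle session, or opens a new one when none is cached.
func (p *pool) GetSession() SessionHandle {
	select {
	case s := <-p.idle:
		return s
	default:
		p.next++
		p.opened++
		return p.next
	}
}

// ReturnSession caches the session, or closes it when the cache is full.
func (p *pool) ReturnSession(s SessionHandle) {
	select {
	case p.idle <- s:
	default:
		p.closed++
	}
}

// Live reports sessions still open on the token, cached or held by callers.
func (p *pool) Live() int { return p.opened - p.closed }

func main() {
	p := newPool(2)
	a, b, c := p.GetSession(), p.GetSession(), p.GetSession()
	p.ReturnSession(a)
	p.ReturnSession(b)
	p.ReturnSession(c) // cache already holds two sessions, so c is closed
	fmt.Println(p.opened, p.closed, p.Live(), p.GetSession() == a)
}
```

A caller that pairs every GetSession with a ReturnSession keeps Live bounded by the cache size plus the sessions in use; a caller that skips the return grows it with every call.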