credentials

Documentation

Index

• Constants
• func HmacStart(rw io.ReadWriter, sequenceAuth string, handle tpmutil.Handle, ...) (seqHandle tpmutil.Handle, err error)
• type HMACCredential
  • func NewHMACCredential(cfg *HMACCredentialConfig) (*HMACCredential, error)
  • func (ts *HMACCredential) MAC(msg []byte) ([]byte, error)
• type HMACCredentialConfig
• type PKCSConfig
• type TPMConfig
• type TinkConfig
• type VaultConfig

Constants

const (
	CmdHmacStart tpmutil.Command = 0x0000015B
)

Functions

func HmacStart

func HmacStart(rw io.ReadWriter, sequenceAuth string, handle tpmutil.Handle, hashAlg tpm2.Algorithm) (seqHandle tpmutil.Handle, err error)

Types

type HMACCredential

type HMACCredential struct {
	TinkConfig   TinkConfig
	PKCSConfig   PKCSConfig
	TPMConfig    TPMConfig
	VaultConfig  VaultConfig
	AccessKeyID  string
	SessionToken string
	// contains filtered or unexported fields
}

func NewHMACCredential

func NewHMACCredential(cfg *HMACCredentialConfig) (*HMACCredential, error)

func (*HMACCredential) MAC

func (ts *HMACCredential) MAC(msg []byte) ([]byte, error)

type HMACCredentialConfig

type HMACCredentialConfig struct {
	TinkConfig   TinkConfig
	PKCSConfig   PKCSConfig
	TPMConfig    TPMConfig
	VaultConfig  VaultConfig
	AccessKeyID  string
	SessionToken string
}

type PKCSConfig

type PKCSConfig struct {
	Library string
	Slot    int
	Label   string
	Id      []byte
	PIN     string
}

type TPMConfig

type TPMConfig struct {
	TpmHandleFile string
	TpmHandle     uint32
	TpmDevice     string
}

type TinkConfig

type TinkConfig struct {
	KmsBackend tink.AEAD
	JSONBytes  []byte
	// contains filtered or unexported fields
}

type VaultConfig

type VaultConfig struct {
	VaultToken  string
	VaultPath   string
	VaultCAcert string
	VaultAddr   string
}