globalsign

v0.0.0-...-b69d85b

This package is not in the latest version of its module.
Published: Mar 30, 2022 License: MIT Imports: 15 Imported by: 1

README

globalsign-dss

Client SDK for GlobalSign Digital Signing Service API.

Requirements

  • mTLS certificate
  • Private key that was used to generate the mTLS certificate
  • API credentials

Usage

Example usage:

  • For integration with unipdf, see unipdf-examples.
...

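// Create GlobalSign client.
// Arguments follow the NewClient signature: API key, API secret,
// certificate path, private key path.
client, err := globalsign.NewClient("<API_KEY>", "<API_SECRET>", "<CERT_PATH>", "<KEY_PATH>")
if err != nil {
	return err
}

// Create signature handler.
// manager and option are defined in the surrounding code, which is not shown here.
handler, err := sign_handler.NewGlobalSignDSS(context.Background(), manager, option.SignedBy, map[string]interface{}{
	"common_name": "UniDoc",
})
if err != nil {
	return err
}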

License Information

This source code package is licensed under the MIT license.
However, when used in a software package with UniPDF it obeys the UniDoc EULA which is available at: https://unidoc.io/eula/

Credits

Thanks to @wja-id.
This package is modified from https://github.com/wja-id/globalsign-sdk

Documentation

Index

Constants

This section is empty.

Variables

var (
	ErrDigestRequired = errors.New("File digest required")
)

Errors definition.

Functions

This section is empty.

Types

type CertificatePathResponse

type CertificatePathResponse struct {
	CA string `json:"path"`
}

CertificatePathResponse is the GlobalSign API response of the `/certificate_path` endpoint.

type Client

type Client struct {
	sync.RWMutex

	// BaseURL base URL of API.
	BaseURL *url.URL

	// DSSService Digital Signing Service (DSS).
	DSSService DSSService
	// contains filtered or unexported fields
}

Client implements a client for the GlobalSign Atlas DSS API service.

func NewClient

func NewClient(apiKey, apiSecret, certPath, keyPath string) (*Client, error)

NewClient initializes a client with the API key, API secret, certificate file path and private key file path, and returns the globalsign client.

func NewClientWithOpts

func NewClientWithOpts(opts *ClientOptions) (*Client, error)

NewClientWithOpts initializes a client with `ClientOptions` and returns the globalsign client.

func (*Client) Do

func (c *Client) Do(req *http.Request, result interface{}) error

Do processes the HTTP request.

func (*Client) DoNewRequest

func (c *Client) DoNewRequest(method, path string, result interface{}, params interface{}) error

DoNewRequest creates a new HTTP client request and processes it.

func (*Client) NewRequest

func (c *Client) NewRequest(method string, path string, params interface{}) (*http.Request, error)

NewRequest creates a new HTTP client request.

func (*Client) SetAuthToken

func (c *Client) SetAuthToken(at string)

SetAuthToken sets authentication token of the client.

func (*Client) SetUserAgent

func (c *Client) SetUserAgent(ua string)

SetUserAgent sets user agent of the client.

type ClientOptions

type ClientOptions struct {
	// BaseURL base url of API.
	BaseURL *url.URL

	// APIKey API key credentials.
	APIKey string

	// APISecret API secret credentials.
	APISecret string

	// CertFilePath path to the mTLS certificate file.
	CertFilePath string

	// KeyFilePath path to the private key file of the mTLS certificate.
	KeyFilePath string
}

ClientOptions holds the options for the globalsign client.

type DSSIdentity

type DSSIdentity struct {
	ID          string
	SigningCert string
	OCSP        string
	CA          string
	Ts          time.Time
}

DSSIdentity represents the credential acquired from the login and identity requests.

type DSSService

type DSSService interface {
	Login(*LoginRequest) (*LoginResponse, error)
	Identity(*IdentityRequest) (*IdentityResponse, error)
	Timestamp(*TimestampRequest) (*TimestampResponse, error)
	Sign(*SigningRequest) (*SigningResponse, error)
	CertificatePath() (*CertificatePathResponse, error)
	TrustChain() (*TrustChainResponse, error)
	ValidationPolicy() (*ValidationPolicyResponse, error)
	QuotasSignatures() (*QuotasResponse, error)
	QuotasTimestamps() (*QuotasResponse, error)

	// DSS Identity and sign process services.
	DSSGetIdentity(context.Context, string, *IdentityRequest) (*DSSIdentity, error)
	DSSIdentitySign(context.Context, string, *IdentityRequest, []byte) ([]byte, error)
	DSSIdentityTimestamp(context.Context, string, *IdentityRequest, []byte) ([]byte, error)
}

DSSService implements GlobalSign Digital Signing Service.

type ExpiredIdentityFunc

type ExpiredIdentityFunc func(key string, identity *DSSIdentity)

ExpiredIdentityFunc is a callback that is called once an identity has expired.

type IdentityRequest

type IdentityRequest struct {
	SubjectDn SubjectDn `json:"subject_dn"`
}

IdentityRequest holds the GlobalSign API request parameters of the `/identity` endpoint.

type IdentityResponse

type IdentityResponse struct {
	ID           string `json:"id"`
	SigningCert  string `json:"signing_cert"`
	OCSPResponse string `json:"ocsp_response"`
}

IdentityResponse is the GlobalSign API response of the `/identity` endpoint.

type IdentityVault

type IdentityVault struct {
	// contains filtered or unexported fields
}

IdentityVault stores a DSS identity until it expires.

func NewIdentityVault

func NewIdentityVault(duration time.Duration) *IdentityVault

NewIdentityVault is a helper to create instance of the identities vault struct.

func (*IdentityVault) Count

func (cache *IdentityVault) Count() int

Count returns the number of items in the cache (helpful for tracking memory leaks).

func (*IdentityVault) Del

func (cache *IdentityVault) Del(key string)

Del removes an item without triggering the callback.

func (*IdentityVault) Get

func (cache *IdentityVault) Get(key string) (data *DSSIdentity, found bool)

Get is a thread-safe way to look up items.

func (*IdentityVault) Set

func (cache *IdentityVault) Set(key string, identity *DSSIdentity)

Set is a thread-safe way to add an identity to the cache.

type LoginRequest

type LoginRequest struct {
	APIKey    string `json:"api_key"`
	APISecret string `json:"api_secret"`
}

LoginRequest holds the GlobalSign API request parameters of the `/login` endpoint.

type LoginResponse

type LoginResponse struct {
	AccessToken string `json:"access_token"`
}

LoginResponse is the GlobalSign API response of the `/login` endpoint.

type OrganizationUnit

type OrganizationUnit struct {
	Static   bool     `json:"static"`
	List     []string `json:"list"`
	MinCount int      `json:"min_count"`
	MaxCount int      `json:"max_count"`
}

OrganizationUnit is the `organizational_unit` part of the GlobalSign API response of the `/validationpolicy` endpoint.

type PresenceFormat

type PresenceFormat struct {
	Presence string `json:"presence"`
	Format   string `json:"format"`
}

PresenceFormat holds the `presence` and `format` values in the GlobalSign API response of the `/validationpolicy` endpoint.

type QuotasResponse

type QuotasResponse struct {
	Value int `json:"value"`
}

QuotasResponse is the GlobalSign API response of the `/quotas/signatures` and `/quotas/timestamps` endpoints.

type Response

type Response struct {
	*http.Response
}

Response wraps the standard http Response with the default response fields that are returned from the API.

type SigningRequest

type SigningRequest struct {
	ID string `json:"id"`

	// Digest is the hex encoded SHA256 checksum of a source file.
	Digest string `json:"digest"`
}

SigningRequest holds the GlobalSign API request parameters of the `/identity/{id}/sign/{digest}` endpoint.
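The `Digest` field and the `{id}` and `{digest}` path segments are caller-supplied, so it pays to validate them before a request is built. The following is an added example, not code from this package: `checkDigest` and `signPath` are hypothetical helpers, and `errDigestRequired` is a local stand-in for the package's `ErrDigestRequired` so the block runs with the standard library only.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"net/url"
)

// errDigestRequired is a local stand-in for the package's ErrDigestRequired.
var errDigestRequired = errors.New("File digest required")

// fileDigest returns the hex encoded SHA256 checksum used in the Digest field.
func fileDigest(data []byte) string {
	sum := sha256.Sum256(data)
	return hex.EncodeToString(sum[:])
}

// checkDigest (hypothetical helper) accepts exactly one hex encoded SHA-256
// value. Both letter cases pass; the page does not say which the service wants.
func checkDigest(digest string) error {
	if digest == "" {
		return errDigestRequired
	}
	raw, err := hex.DecodeString(digest)
	if err != nil {
		return fmt.Errorf("digest is not hex: %w", err)
	}
	if len(raw) != sha256.Size {
		return fmt.Errorf("digest is %d bytes, want %d", len(raw), sha256.Size)
	}
	return nil
}

// signPath (hypothetical helper) fills in /identity/{id}/sign/{digest}. The id
// is path-escaped so a "/" inside it cannot select a different endpoint.
func signPath(id, digest string) (string, error) {
	if id == "" {
		return "", errors.New("identity id required")
	}
	if err := checkDigest(digest); err != nil {
		return "", err
	}
	return "/identity/" + url.PathEscape(id) + "/sign/" + digest, nil
}

func main() { // constructed sample values
	fmt.Println(signPath("constructed-identity-id", fileDigest([]byte("sample"))))
}
```

Because the digest must decode to exactly 32 bytes of hex, it cannot carry path separators, so only the identity ID needs escaping.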

type SigningResponse

type SigningResponse struct {
	Signature string `json:"signature"`
}

SigningResponse is the GlobalSign API response of the `/identity/{id}/sign/{digest}` endpoint.

type SubjectDn

type SubjectDn struct {
	Country                                        string                    `json:"country,omitempty"`
	State                                          string                    `json:"state,omitempty"`
	Locality                                       string                    `json:"locality,omitempty"`
	StreetAddress                                  string                    `json:"street_address,omitempty"`
	Organization                                   string                    `json:"organization,omitempty"`
	OrganizationUnit                               []string                  `json:"organization_unit,omitempty"`
	CommonName                                     string                    `json:"common_name,omitempty"`
	Email                                          string                    `json:"email,omitempty"`
	JurisdictionOfIncorporationLocalityName        string                    `json:"jurisdiction_of_incorporation_locality_name,omitempty"`
	JurisdictionOfIncorporationStateOrProvinceName string                    `json:"jurisdiction_of_incorporation_state_or_province_name,omitempty"`
	JurisdictionOfIncorporationCountryName         string                    `json:"jurisdiction_of_incorporation_country_name,omitempty"`
	BusinessCategory                               string                    `json:"business_category,omitempty"`
	ExtraAttributes                                []SubjectDnExtraAttribute `json:"extra_attributes,omitempty"`
}

SubjectDn holds the `subject_dn` parameter.

type SubjectDnExtraAttribute

type SubjectDnExtraAttribute struct {
	Type string `json:"type"`
	Name string `json:"name"`
}

SubjectDnExtraAttribute holds an extra attribute for the `extra_attributes` parameter.

type TimestampRequest

type TimestampRequest struct {
	Digest string `json:"digest"`
}

TimestampRequest holds the GlobalSign API request parameters of the `/timestamp/{digest}` endpoint.

type TimestampResponse

type TimestampResponse struct {
	Token string `json:"token"`
}

TimestampResponse is the GlobalSign API response of the `/timestamp/{digest}` endpoint.

type TrustChainResponse

type TrustChainResponse struct {
	Trustchain         []string `json:"trustchain"`
	OcspRevocationInfo []string `json:"ocsp_revocation_info"`
}

TrustChainResponse is the GlobalSign API response of the `/trustchain` endpoint.

type ValidationPolicyResponse

type ValidationPolicyResponse struct {
	SubjectDn ValidationPolicySubjectDn `json:"subject_dn"`
}

ValidationPolicyResponse is the GlobalSign API response of the `/validationpolicy` endpoint.

type ValidationPolicySubjectDn

type ValidationPolicySubjectDn struct {
	CommonName                                     PresenceFormat         `json:"common_name"`
	Organization                                   PresenceFormat         `json:"organization"`
	OrganizationUnit                               OrganizationUnit       `json:"organization_unit"`
	Country                                        PresenceFormat         `json:"country"`
	State                                          PresenceFormat         `json:"state"`
	Locality                                       PresenceFormat         `json:"locality"`
	StreetAddress                                  PresenceFormat         `json:"street_address"`
	Email                                          PresenceFormat         `json:"email"`
	JurisdictionOfIncorporationLocalityName        PresenceFormat         `json:"jurisdiction_of_incorporation_locality_name"`
	JurisdictionOfIncorporationStateOrProvinceName PresenceFormat         `json:"jurisdiction_of_incorporation_state_or_province_name"`
	JurisdictionOfIncorporationCountryName         PresenceFormat         `json:"jurisdiction_of_incorporation_country_name"`
	ExtraAttributes                                map[string]interface{} `json:"extra_attributes"`
}

ValidationPolicySubjectDn is the `subject_dn` part of the GlobalSign API response of the `/validationpolicy` endpoint.

type VaultItem

type VaultItem struct {
	sync.RWMutex
	// contains filtered or unexported fields
}

VaultItem represents an identity record.
