Documentation
¶
Index ¶
Constants ¶
// Connector types, as returned by Connector.GetType.
const (
	// ConnectorTypeUndefined is the zero value of ConnectorType.
	ConnectorTypeUndefined ConnectorType = iota
	// ConnectorTypeTPP represents the TPP connector type
	ConnectorTypeTPP
)

// Default OAuth-style client parameters.
const (
	// DefaultClientID is the client identifier string "vsign-sdk".
	DefaultClientID = "vsign-sdk"
	// DefaultScope, as written, holds three semicolon-separated entries:
	// codesignclient, codesign, and certificate restricted to manage,discover.
	// NOTE(review): certificate:manage,discover is broader than what signing
	// alone appears to need. Presumably a caller can request less through
	// Authentication.Scope; confirm against the connector, and prefer the
	// narrowest scope that works.
	DefaultScope = "codesignclient;codesign;certificate:manage,discover"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Authentication ¶
// Authentication carries the credential material passed to
// Connector.Authenticate and Connector.GetCredential.
//
// Password, APIKey, JWT, RefreshToken and AccessToken are secrets held as
// plain strings. Avoid formatting the whole struct (for example with %v or
// %+v) into logs or error messages. The struct has no json tags, so
// encoding/json would emit every field if it were marshalled.
type Authentication struct {
	// User is paired with Password for Trust Platform, per the package docs.
	User string
	// Password is a secret.
	Password string
	// APIKey is a secret; the package docs name it as the Cloud credential.
	APIKey string
	// JWT is a secret. NOTE(review): presumably an externally issued token
	// that is exchanged for an access token; confirm against the connector.
	JWT string
	// RefreshToken is a secret.
	RefreshToken string
	// Scope is the requested scope. Presumably DefaultScope applies when it
	// is empty; confirm against the connector.
	Scope string
	// ClientId is the client identifier. Presumably DefaultClientID applies
	// when it is empty; confirm against the connector.
	ClientId string
	// AccessToken is a secret bearer token.
	AccessToken string
	// ClientPKCS12 is a flag. NOTE(review): the name suggests it selects
	// client-certificate (PKCS#12) authentication; confirm.
	ClientPKCS12 bool
}
Authentication provides a struct for authentication data. Either specify User and Password for Trust Platform or specify an APIKey for Cloud.
type Connector ¶
// Connector is the set of operations a backend connection must provide:
// authentication, environment lookup, signing and public-key retrieval.
type Connector interface {
	// GetType returns a connector type (cloud/TPP/fake). Can be useful because some features are not supported by a Cloud connection.
	GetType() ConnectorType
	// SetProject sets a project (by name) for requests with this connector.
	SetProject(p string)
	// GetEnvironment returns the CodeSign Protect environment (key ID).
	GetEnvironment() (Environment, error)
	// GetEnvironmentKeyAlgorithm returns the CodeSign Protect environment key algorithm.
	GetEnvironmentKeyAlgorithm() (string, error)
	// Sign signs according to the given SignOption and returns the signature bytes.
	// Former signature, kept for reference:
	//Sign(keyID string, mechanism int, digest string, data string, b64 bool, raw bool) ([]byte, error)
	Sign(so *SignOption) ([]byte, error)
	// SignJWT signs a JWT with the key identified by KeyID and returns it as a
	// string. headerPath and payloadPath are presumably file paths to the JWT
	// header and payload; confirm against the implementation. If they can come
	// from untrusted input, validate them before calling.
	SignJWT(KeyID string, headerPath string, payloadPath string) (string, error)
	// GetWKSPublicKeyBytes returns GPG public key bytes for the given email.
	GetWKSPublicKeyBytes(email string) ([]byte, error)
	// GetJwksX5u returns a JWKS-related string for the given certificate.
	// NOTE(review): the name suggests the "x5u" URL; confirm.
	GetJwksX5u(cert *x509.Certificate) (string, error)
	// Ping reports an error if the check fails. Presumably a reachability
	// check against the backend; confirm.
	Ping() (err error)
	// Authenticate is usually called by NewClient and it is not required that you manually call it.
	Authenticate(auth *Authentication) (err error)
	// GetCredential returns a token for the supplied Authentication. The
	// returned string is a secret: do not log it or include it in errors.
	GetCredential(auth *Authentication) (token string, err error)
	// SetHTTPClient replaces the *http.Client used by the connector.
	// NOTE(review): the supplied client's Transport and TLS configuration
	// presumably govern every later request, including server certificate
	// verification. Pass a client with verification enabled and a timeout set.
	SetHTTPClient(client *http.Client)
}
Connector provides a common interface for external communications with TPP or Venafi Cloud
type ConnectorType ¶
// ConnectorType identifies the kind of backend a Connector talks to; see the
// ConnectorType* constants and Connector.GetType.
type ConnectorType int
func (ConnectorType) String ¶
func (t ConnectorType) String() string
type Environment ¶
type SignOption ¶
// SignOption bundles the parameters of a Connector.Sign call.
//
// Every field is tagged `json:"-"`, so encoding/json skips all of them when a
// SignOption is marshalled or unmarshalled.
type SignOption struct {
	// KeyID is the CodeSign Protect environment key GUID.
	KeyID string `json:"-"`
	// Mechanism is the CodeSign Protect PKCS#11 mechanism.
	Mechanism int `json:"-"`
	// DigestAlg is one of sha1, sha256, sha384, sha512.
	// NOTE(review): sha1 is listed as accepted; prefer sha256 or stronger
	// for new signatures unless a legacy verifier requires it.
	DigestAlg string `json:"-"`
	// Payload is the raw byte stream to be signed.
	Payload []byte `json:"-"`
	// B64Flag says whether the incoming data is already Base64 encoded.
	B64Flag bool `json:"-"`
	// RawFlag controls the raw / ASN.1 encoding of the resulting signature.
	RawFlag bool `json:"-"`
	// DigestFlag is not described in the package docs. NOTE(review):
	// presumably marks Payload as an already-computed digest; confirm.
	DigestFlag bool `json:"-"`
}
KeyID = CodeSign Protect environment key GUID
Mechanism = CodeSign Protect PKCS#11 mechanism
DigestAlg = one of {sha1, sha256, sha384, sha512}
Payload = raw byte stream of the data to be signed
B64Flag = Boolean -> is the incoming data already Base64 encoded
RawFlag = Boolean -> do we need the resulting raw signature ASN.1 encoded