Documentation ¶
Index ¶
- Constants
- func ConvertPEMChainToX509Chain(pemChain []byte) ([]*x509.Certificate, error)
- func GenerateJwk() (*jose.JSONWebKey, error)
- func GenerateJwt(signer jose.Signer, claims interface{}) (string, error)
- func GenerateRSAKey() (*rsa.PrivateKey, error)
- func GetPreviousJwkFromSecret(managedSecrets *kubernetes.SecretLists, secretKey string) (*jose.JSONWebKey, error)
- func KeyIDsFromJwks(jwks *jose.JSONWebKeySet) []string
- func MergeJwks(jwk jose.JSONWebKey, secretsInUse v1.SecretList, secretKey string) (*jose.JSONWebKeySet, error)
- func NewKmsSigner(certChain []byte, kmsConfig config.KMS, ctx context.Context) (jose.Signer, error)
- func SetupSignerOptions(pemChain []byte) (*jose.SignerOptions, error)
- func X5tS256(cert *x509.Certificate) string
- type ByteSigner
- type ConfigurableSigner
- type KmsByteSigner
- type KmsKeyPath
- type KmsOptions
Constants ¶
// String identifiers for the package's signing keys. Both values are plain
// strings as declared here; how they are attached to generated keys is not
// visible in this declaration.
const (
	// KeyUseSignature is the string "sig", the value RFC 7517 section 4.2
	// defines for a JWK "use" parameter that marks a key as signature-only.
	// NOTE(review): presumably set as the "use" of keys from GenerateJwk — confirm.
	KeyUseSignature string = "sig"
	// KeyAlgorithm is the string "RS256", the JWA name for RSASSA-PKCS1-v1_5
	// with SHA-256 (RFC 7518 section 3.1).
	// NOTE(review): this duplicates the algorithm named by SigningAlg as an
	// untyped-by-jose string; the two must be changed together.
	KeyAlgorithm string = "RS256"
)
// SigningAlg is the JWS signature algorithm constant jose.RS256
// (RSASSA-PKCS1-v1_5 with SHA-256). The same algorithm name is also held as a
// plain string in KeyAlgorithm.
// NOTE(review): presumably every signer built by this package uses this
// algorithm; verifiers should pin it rather than trust a token's "alg" header — confirm against callers.
const SigningAlg = jose.RS256
Variables ¶
This section is empty.
Functions ¶
func ConvertPEMChainToX509Chain ¶
func ConvertPEMChainToX509Chain(pemChain []byte) ([]*x509.Certificate, error)
func GenerateJwk ¶
func GenerateJwk() (*jose.JSONWebKey, error)
func GenerateJwt ¶
func GenerateRSAKey ¶
func GenerateRSAKey() (*rsa.PrivateKey, error)
func GetPreviousJwkFromSecret ¶
func GetPreviousJwkFromSecret(managedSecrets *kubernetes.SecretLists, secretKey string) (*jose.JSONWebKey, error)
func KeyIDsFromJwks ¶
func KeyIDsFromJwks(jwks *jose.JSONWebKeySet) []string
func MergeJwks ¶
func MergeJwks(jwk jose.JSONWebKey, secretsInUse v1.SecretList, secretKey string) (*jose.JSONWebKeySet, error)
func NewKmsSigner ¶
func SetupSignerOptions ¶
func X5tS256 ¶
func X5tS256(cert *x509.Certificate) string
X5tS256 returns the base64url-encoded SHA-256 thumbprint of the given certificate, as described in RFC 7517 section 4.9, which defines the "x5t#S256" parameter over the certificate's DER encoding.
Types ¶
type ByteSigner ¶
type ConfigurableSigner ¶
// ConfigurableSigner pairs a set of JOSE signer options with a ByteSigner.
// Its Options and Sign methods have the same shape as the method set of
// jose.Signer.
// NOTE(review): presumably Sign delegates the raw signature to ByteSigner — confirm in the method body.
type ConfigurableSigner struct {
	// SignerOptions is held by pointer, while Options returns a value.
	// NOTE(review): confirm a nil SignerOptions cannot reach Options or Sign.
	SignerOptions *jose.SignerOptions
	// ByteSigner is the signing backend; its definition is not shown here.
	ByteSigner ByteSigner
}
func (ConfigurableSigner) Options ¶
func (ctx ConfigurableSigner) Options() jose.SignerOptions
func (ConfigurableSigner) Sign ¶
func (ctx ConfigurableSigner) Sign(payload []byte) (*jose.JSONWebSignature, error)
type KmsByteSigner ¶
// KmsByteSigner bundles a KMS client, a context, signer options and a key
// path. NOTE(review): presumably it implements ByteSigner by asking the KMS
// to sign with the key at KmsKeyPath, so the private key never leaves the
// KMS — confirm against its methods, which are not shown here.
type KmsByteSigner struct {
	// Client is the KMS API client.
	Client *kms.KeyManagementClient
	// Ctx is stored on the struct rather than passed per call; the context
	// package documentation advises against storing a Context in a struct.
	// NOTE(review): confirm this context's deadline and cancellation cover
	// every signing call made over the signer's lifetime.
	Ctx context.Context
	// SignerOptions is held by pointer; NOTE(review): confirm nil is handled.
	SignerOptions *jose.SignerOptions
	// KmsKeyPath names the KMS key; see the KmsKeyPath type.
	KmsKeyPath KmsKeyPath
}
type KmsKeyPath ¶
// KmsKeyPath is a string type for the path of a KMS key.
// NOTE(review): presumably the full resource name of the key version used
// for signing; the expected format is not visible here — confirm, and
// validate it where configuration is loaded.
type KmsKeyPath string
type KmsOptions ¶
Source Files ¶